Security in Wireless Sensor Networks

slurpslapoutΔίκτυα και Επικοινωνίες

20 Νοε 2013 (πριν από 4 χρόνια και 7 μήνες)

96 εμφανίσεις

Security in Wireless Sensor

This covers the security threats, review
proposed security mechanisms for
wireless sensor networks and also at the
same time discusses about the holistic
view of security for ensuring layered and
robust security in wireless sensor

What are Wireless Sensor Networks?

A wireless network

consisting of spatially



Basic idea is to wide spread the tiny sensing
devices which are capable of sensing some.

Can monitor temperature, pressure, humidity,
soil makeup, vehicular movement, noise levels,
lighting conditions, the presence or absence of
certain kinds of objects or substances,
mechanical stress levels on attached objects,
and other properties .

Issues to concentrate on

The routing strategies get more preference, the
security issues are yet to receive extensive

Explore the security issues and challenges,
discuss crucial parameters that require
extensive investigations.

Talk about cryptography, steganography and
other basics of network security

Discuss various types of threats and attacks
against wireless sensor network .

Discuss related work and proposed schemes
concerning security in WSN and introduce the
view of holistic security in WSN.

Security Schemes in Wireless Sensor

Authentication, integrity, privacy, no repudiation,
and anti

For secure transmission of various types of
information over networks, several
cryptographic, steganographic and other
techniques are used.

Network security fundamentals and how all
these techniques are meant for wireless sensor


decryption techniques meant for the
traditional wired networks are not capable in

Wireless sensor networks consist of tiny sensors
which really suffer from the lack of processing,
memory and battery power.

Applying any encryption scheme requires
transmission of extra bits.


Cryptography aims at hiding the main content of
a message, steganography aims at hiding the
present existence of the message.

Steganography is the art of covert
communication by embedding a message into
the multimedia data (image, sound, video, etc.).

Objective of steganography is to modify the
carrier in a way that is not perceptible and
hence, it looks just like ordinary message.

Securing wireless sensor networks is not directly related to
steganography and processing multimedia data (like audio,
video) with the inadequate resources of the sensors is

Security Threats and Issues in Wireless
Sensor Networks

Most are similar to their wired counterparts while
some are severe with the inclusion of wireless

Wireless networks are usually more open to
various security threats as unguided
transmission medium is more open to security
attacks than those of the guided transmission

Attacks in Wireless Sensor Networks

Attacks against wireless sensor networks
could be broadly considered from two different
levels of views

attack against the security

the basic mechanisms (like routing

Denial of Service

A standard attack on wireless sensor networks is
to jam a node or set of nodes.

Jamming, the transmission of a radio signal that
interferes with the radio frequencies being used
by the sensor network.

Two forms: constant jamming, and intermittent

Constant jamming involves the complete
jamming of the entire network. No messages are
able to be sent or received.

If the jamming is only intermittent, then nodes
are able to exchange messages periodically, but
not consistently.

Can have a detrimental impact as the messages
may be time sensitive.

Simplest DoS tries to exhaust the resources
available to the victim node, by sending extra
unnecessary packets preventing legitimate
network users from accessing.

Not only for the adversary’s attempt to subvert,
disrupt, or destroy a network, but also for any
event that diminishes a network’s capability to
provide a service.

Denial of service attacks in different

of service attacks could be jamming and
tampering, at link layer, collision, exhaustion,
unfairness, at network layer, neglect and greed,
homing, misdirection, black holes and at transport
layer this attack could be performed by malicious
flooding and

The mechanisms to prevent Denial of
service attacks include payment for network
authentication and identification
of traffic.

Transport Layer:

Attacks :

Transport layer susceptible to flooding.

Flooding can be as simple as sending many
connection requests to a susceptible node.

Prevention :

Resources must be allocated to handle the
connection request.

Eventually a node’s resources will be exhausted,
thus rendering the node useless.

Attacks on Information in transit

In a sensor network, sensors monitor the changes of specific
parameters or values and report to the sink according to the

While sending the report, the information in transit may be
altered, spoofed, replayed again or vanished.

Eaves dropper can monitor the traffic flow and get into action
to interrupt, intercept, modify or fabricate packets thus,
provide wrong information to the base.

Attacker with high processing power and larger
communication range could attack several sensors at the
same time.

Sybil Attack

in a
WSN might
need to work together to
accomplish a task, hence they can use distribution
of subtasks and redundancy of information.

In such a situation, a node
can pretend to be more
than one node using the identities of other
legitimate nodes .

type of attack where a node forges the
identities of more than one node is the Sybil

integrity of data, security and resource
utilization that the distributed algorithm attempts to

Black hole/Sinkhole Attack

Malicious node acts as a black hole to attract all
the traffic in the sensor network.

Attacker listens to requests for routes then
replies to the target nodes that it contains the
high quality or shortest path to the base station.

Inserts itself between the communicating nodes,
it is able to do anything with the packets passing
between them.

Hello Flood Attack

Uses HELLO packets as a weapon to convince
the sensors in WSN.

Attacker with a high radio transmission range
and processing power sends HELLO packets to
a number of sensor nodes.

Sensors are thus persuaded that the adversary
is their neighbor.

Victim nodes try to go through the attacker.

Wormhole Attack

Attacker records the packets (or bits) at one
location in the network and tunnels those to
another location.

The tunneling or retransmitting of bits could be
done selectively.

Attack does not require compromising a sensor
in the network rather, it could be performed even
at the initial.

The figure shows
a situation where a wormhole attack takes

a node B (for example, the base station or any other
sensor) broadcasts the routing request packet, the attacker
receives this packet and replays it in its neighborhood.

neighboring node receiving this replayed packet will
consider itself to be in the range of Node B, and will mark this
node as its parent. Hence, even if the victim nodes are

apart from B, attacker in this case convinces them
that B is only a single hop away from them, thus creates a

Traffic Analysis Attack & Rate
Monitoring Attack

For an adversary to effectively render the
network useless, the attacker can simply disable
the base station.

Rate monitoring attack makes use of the idea
that nodes closest to the base station tend to
forward more.

An attacker need only monitor which nodes are
sending packets and follow those nodes that are
sending the most packets.

Time correlation attack

Adversary generates events and monitors to
whom a node sends its packets.

To generate an event, the adversary could
simply generate a physical event that would be
monitored by the sensor(s) in the area (turning
on a light, for instance).

Node Replication Attacks

Attacker seeks to add a node to an existing
sensor network by copying (replicating) the node
ID of an existing sensor node .

Packets can be corrupted or even misrouted.

Physical Attacks

Sensor networks typically operate in hostile
outdoor environments.

The small form factor of the sensors, both of
these together with the unattended and
distributed nature of their deployment make
them highly susceptible to physical attacks, i.e.,
threats due to physical node destructions.

Proposed Security Schemes and
Related Work

In this section we review and map various
security schemes proposed or
implemented so far for wireless sensor

Security Schemes for Wireless Sensor

Gives an analysis of secure routing in wireless
sensor networks and studies how to design
secure distributed sensor networks

It studies Denial of service attacks against
different layers of sensor protocol stack.

JAM presents a mapping protocol which detects
a jammed region in the sensor network and
helps to avoid the faulty region to continue
routing within the network.

Wormholes which are
considered harmful for
wireless sensor network could effectively be used
as a reactive defense mechanism for preventing
jamming Denial of service

route filtering (SEF) mechanism to
detect injected false data in sensor network and
focus mainly on how to filter false data using


are two secure building blocks
for providing data confidentiality, data freshness
and broadcast authentication.

Sec proposes a link layer security mechanism
for sensor networks which uses an efficient
symmetric key encryption protocol.

The scheme uses a bidirectional verification
technique and also introduces multi
path multi
base station routing if bidirectional verification is
not sufficient to defend the attack.

Data Confidentiality

sensor network should not leak sensor readings to
its neighbors.

In many applications nodes communicate highly
sensitive data, e.g., key distribution,
important to build a secure channel in a wireless
sensor network.

Public sensor information, such as sensor identities
and public keys, should also be encrypted to some
extent to protect against traffic analysis attacks.

standard approach for keeping sensitive data
secret is to encrypt the data with a secret key that only
intended receivers possess, thus achieving

Data Integrity

With the implementation of confidentiality, an
adversary may be unable to steal information.

This doesn’t mean the data is safe. The
adversary can change the data, so as to send
the sensor network into disarray.

Thus, data integrity ensures that any received
data has not been altered in transit.

Data Freshness

Need to ensure the freshness of each message.

Informally, data freshness suggests that the data
is very much recent, and it ensures that no old
messages have been replayed.

This requirement is especially important when
there are shared
key strategies.

Holistic Security in Wireless Sensor

A holistic approach aims at improving the
performance of wireless sensor networks with
respect to security, longevity and connectivity
under changing environmental conditions.

The holistic approach of security concerns about
involving all the layers for ensuring overall
security in a network.

A single security solution for a single layer might
not be an efficient solution rather employing a
holistic approach could be the best option.


Most of the attacks against security in wireless
sensor networks are caused by the insertion of
wrong information by the nodes which are agreed
or compromised within the network.

defending the inclusion of these false reports
by compromised nodes, a mean is required for
detecting these false reports.

, developing such a detection mechanism
and making it efficient represents a great research

, ensuring the holistic security in wireless
sensor network is one of the major research issue.