Table of content
Introduction:
Background:
WSN Constraints and Limitations:
Unattended Operation
WSN Security Requirements:
Data Integrity:
Data Confidentiality:
Data Freshness:
Availability:
Self-Organizing:
Time Synchronization:
Localization:
Authentication:
WSN Security Attacks:
Conclusion:
References
Abstract:
Wireless Network is growing day by day which is also causing
the security an issue. Combining network with sensor for communication has
given a promising development in this field of research (Zhengqiang,
2006) .
The leaking of data could be very sensitive problem for any company or
industry. Therefore, security of wireless sensor network should be the highest
priority before designing the network. There are many challenges in security of
wireless sensor network these days as it varies from traditional network. The
research on wireless network sensor has proven great potentiality of it to come
in terms of security. In this paper a complete topic of wireless sensor network
security is being highlighted and also the requirement for security in WSN.
Introduction:
This type of network with sensor is giving world a cheaper
means of networking. As its cost is low comparatively, it could be deployed in
military use as well as civilian works at large number. This has number of
constrains that is low power and lack of data storage. These are only the
obstacle that makes traditional wireless sensor network a difficult task to
implement (H. Chan, 2003) .
The wireless network sensor has number of nodes which is
placed in the network containing large number of sensors (Kim, 2004) . There sensors are
capable of getting data from the environment as node and transferring to the
base station. The environment could vary with temp, sound, vibration, pollution
or motion. The environment could be hostile if it contains security measure or
not.
The channels and operation which are unreliable and
unattended respectively makes the security much harder. The research is being
conducted to have more processing power with less use of energy in wireless
sensor network. This brings the security measures to the network as well. It is
observed that in traditional issues of security all the nodes are trustworthy. Therefore,
the cryptographic security were introduced into the network for more security (Y. Hu, 2003) . It was found the
physical attacks are more effective rather than other hence the security on
physical attacks requires policy. The attacks physically is being described in
the below section.
There are four major categories of WSN and they are described
below in the section along with the examples (Pathan, 2006) . The wireless sensor
network’s limitations are being described first with its resources followed by
security requirement. The new security measure is taken into action in the
wireless sensor network (Adrian Perrig, 2004) . There are two main
reason and they are severe constrains and using of low power from sensor and
risk of physical risk which is node tampering and capture. These two gives
wireless sensor network problem in its performance. All the limitation and
security mechanism is being provided in the lower section of the report.
Background:
WSN Constraints and Limitations:
There are many constrains and limitation involved in
wireless sensor network. It is not easy to implement the already existing
security measure into this wireless sensor network. This new concept of
wireless sensor network requires different approach for security measure (Pathan, 2006) . There are many
constraints and limitation that are to be known which is described in this
topic.
Limited Resources:
For having any kind of security measure every approach need
to have resources. These resources include memory, energy and code for sensors (Adrian
Perrig, 2004) .
There is limitation on these resources as it is available only in tiny sensors
of network. These limitations are as given below as memory storage and battery
power.
Memory storage
The Sensors that are used in the network are tiny and it
acts as device with small memory and storage. With the small storage capability,
it requires powerful algorithm with small code size in the sensor memory. The
TeloosB which is a type of sensor contains following features as shown in table
below:
Sensor
|
CPU
|
RAM
|
MEMORY
|
FLASH STORAGE
|
TelosB
|
16 bit, 8Mhz RISC
|
10K
|
48K
|
1024
|
With these limited amount of resources, the algorithm is
injected into the software inside it for security measure.
Area of Program
|
Description
|
Hardware type
|
Data and Text memory
|
Variable and Machine code
|
PROM/FLASH
|
Stack
|
DMS(dynamic memory storage)
|
RAM
|
Heap
|
Application data storage
|
RAM
|
NON-volatile memory
|
Data and tables
|
EEPROM
|
Battery power
The energy is most important limitation in the sensor
network which is wireless as it has to be powered by battery for longer time. The
replacing and recharging of wireless sensor network battery has to be difficult
task for security measure. Therefore the battery has to ensure the life of
sensor node and the network’s all sensors (H. Chan, 2003) . The consideration
of energy is taken while implementing security algorithm into the network. The
life span of the sensor is affected with the algorithm and battery capability. The
more power is consumed by these sensor after the code’s implement is due to
processing of the encryption and decryption.
Unreliable
Communication
The communication that is unreliable is one of the biggest threat
to wireless sensor network. The protocol gives definition to security for
unreliable communication.
Unreliable transfer
The sensor network that uses packet for information transfer
is connectionless. The damage of packet could be caused due to error in
channel. In this case, some packets are lost. The packet damage is caused due
to unreliable communication (Stajano, 2003) . When there is high
rate of channel error, it challenges programmer for error handling. The error
handling should be done properly else there will be more packet loss and this
makes the connection unreliable transfer.
Conflicts
There could be unreliable communication even if there is reliable
channel. It is cause due to broadcast nature of wireless sensor network. The
conflict occurs when the packets collide at the middle of transfer. When there
is high sensor’s number there could be major problem of conflict.
Latency
The latency is increase due to congestion of network,
processing of network and routing in multi-hop. These makes the synchronization
among nodes of sensors. The sensor security requires high synchronization.
Unattended Operation
Some of the sensor nodes could be left unattained which can
be caused by its unused function required in the wireless network sensor (H. Zhu, 2004) . There are following
limitations for unattended sensor nodes. They are explained blow:
Exposure to Physical
attacks
When the sensor is deployed to the open places where it can
be easily accessed by intruders there could be physical attacks (Pathan, 2006) . This attacks could
also be caused due to environment and damage important component of the
network.
Managed remotely
The physical damage caused in the sensor is virtually
impossible to monitor in remotely managed wireless sensor network. These
includes battery, physical tempering and other. When it is used for military
purpose, there is great issue for maintenance as it falls on critical zone out
of reach. Once deployed these sensor has no maintained and no monitoring
physical. All remote management is done.
No Central Management
Point
These sensor network contains no central management point
which increases the strength of wireless sensor network. The desiging plays
important role which increases the effectiveness.
WSN Security Requirements:
The wireless sensor network is one of the special network
which is similar to traditional network but also is equipped with advanced
security measure and components. The main requirement is cryptographic key for
setting up the wireless sensor network (W. Du, 2003) . It is not cheap to
use public key in the WSN as it has low power to use. There needs number of
nodes that could vary from hundreds to thousands. The requirement of wireless
sensor network is compression of both types of network that is traditional and
advanced which is being described below.
Data Integrity:
It is accuracy and constancy of data. The sensors data could
be manipulated with infected node in the network which harms the data integrity (Chris Karlof,
2003) .
Even if there is communication problem, this could be caused. The data
integrity makes sure that the data is in its original state.
Data Confidentiality:
One of the most important issues in network security is data
confidentially. Every network with concern to data security takes proper
measure for data confidentiality. The sensor network has following data
confidentiality that are given below and explained.
·
The sensor that is reading to other sensor
shouldn’t be leaked by the network. The sensor node that stores data could
contain high sensitive information and may cause serious damage when leaked.
·
The node in the sensor network makes the
communication of sensible data possible.
·
The encryption should be done with the sensor
that collects public information. This is done to ensure that the data is
protected from different factors.
Data Freshness:
Data Integrity and confidentially can’t ensure that the data
is protected. The data freshness is required for each message. The data is
recent and no old message has passed is confirmed by data freshness. With the
strategies of shared key, data freshness is used into the design of network. The
shared key has to be changed with respect to time. The replay attack could be
possible as it takes time for new shared key to propagate into the entire
network (Pathan, 2006) . The normal work of
the sensor is also found to be disturbed. The time related counter is being
used to prevent the network from this attack.
Availability:
The wireless sensor network has to be encrypted with
traditional encryption algorithm which cost may some extra. The reuse of code
that were previously used on the traditional networks is done on this network (John Paul
Walters, 2006) .
There are other approach as well to get same result. There are other approaches
that limits data accuracy in the sensor network. With the use of all these
strategy makes availability weaker and the reason is given below:
·
The computation of more features in the sensor
network with more algorithm that are complex makes the consumption of energy
more and more. The loose in energy causes no availability.
·
The more the communication is there will be more
energy consumption that causes more energy uses which results in low availability
of the network.
·
The use of central point in wireless sensor
network cause single point failure. This cause loose in network availability.
Self-Organizing:
The self-organizing, self-healing and independency is the
main feature of wireless sensor network which is also an ad hoc network. In the
wireless sensor network, the infrastructure isn’t fixed when it come for
management of network (Pathan, 2006) . This causes
security issues to the network. The random key redistribution is used for
encryption in the sensor which is symmetric. The ensuring of security in
network makes the use of public key. The public key cryptography is used for
security purpose.
Time Synchronization:
Time synchronization plays important role in wireless sensor
network. This is used to conserve power by switching off the sensor for certain
time. The collaboration of number of sensors are required for more efficiency
that is done by time synchronization. The secured synchronization is required
in the network for sending and receiving data as well as for multihop purpose
and also to group synchronization.
Localization:
The localization of sensor in the network is very important
for accusing its accuracy that is done automatically. The faults in the network
has to be located automatically and the network should also be designed in same
way. The false signal could be sent to the network to locate the sensor that is
unsecured by the attacker.
The localization is done using reference points which makes
the attacker difficult the located the sensor easily. This technique is known
as VM that is verifiable multilateration (Stajano, 2003) . The use of distance
bounding is done to locate the sensor that has faults. In this technique, the
attacker has to prove that it is near to the sensor in distance bounded
network. When there is large network SPINE algorithm is used. The algorithm is
three phased which is purely based on multilateration. Secure range independent
localization makes sure that locators are not compromised. Every locator is
capable of knowing its own location. The beacon data sent by these locators
makes sensor to know its exact location.
Authentication:
The authentication is required to making the network more
secured from attackers. These attackers are capable of changing the packet
stream. Therefore, on the receiving end it should be accused that the data
isn’t manipulated. The design of network makes sure that there is proper
authentication for administrative task done on the network (John Paul
Walters, 2006) .
This is used to ensure that data is sent by the verified sender. The symmetric
mechanism is used to achieve authentication for these two party communication. In
this technique the secret key is shared for authentication and transfer of
data.
The enhanced utesla purposed by liu and Ning which broadcast
the key chain commitment. These scheme provided by them has the key chain which
settle with multilevel key technique (Kim, 2004) . The scalable key
distribution is achieved with the use of predetermination and broadcasting of
multi-level key chain.
WSN Security Attacks:
There are many type attack that the wireless sensor network
is vulnerable of. The attacks are DOS attack, traffic analysis, physical attack
and privacy violation are mostly found. The DOS attack has the range with
varies from jamming for sensor to sophisticated attacks that violates the
protocol (Adrian Perrig, 2004) . The DOS is found to
be nearly impossible because of asymmetry power with less computational
constraints in wireless sensor network. If the note is powerful it is capable
of jamming the other node and prevent attacks.
The attacks are not only limited to the DOS attacks but
other like takeovers, and physical attacks and routing protocols. The attacks
on wireless sensor network are discussed in this section with examples and
proper diagrams.
Passive attacks:
The passive attack is
the attack which is done after listening the network for long time and
understanding its behavior. The privacy is gained by the attacker (Adrian
Perrig, 2004) .
The general classification of attacks are as given below and all the sub topics
are explained as well.
Monitoring and
eavesdropping:
This attack is related to privacy which is discussed below
in privacy attack section. It is undertaken by snooping into the network and
the data being transferred (Adrian Perrig, 2004) . The content being
transferred could easily be discovered by the attacker. This acts against the
privacy and affect the network and privacy of individual.
DOS attack and its
types:
These attacks jam nodes in the wireless sensor network. The
jamming refers to the radio frequency that interferes with the original signal
by sensor and makes the communication stop. The jamming is found to be in two
forms. They are intermittent jamming and constant jamming. The intermittent
jamming makes the node to transmit message periodically over some time making
the transmission slow (Pathan, 2006) . On the other hand,
constant jamming makes all the message impossible to transmit and blocks all
the nodes. This attack completely shut down all the communication in the
network.
The other way is to attack the link layer of the network
which is violating of IEEE 801.11b protocol completely. The message is being
sent constantly by the attacker to generate collision which make the
retransmission of affected packets. When the retransmission is too high there
is chance of disrupt of power supply on the node.
Sybil Attack:
This attack is the malware device that takes number of
identity. In the peer to peer network, the Sybil attack defeats the redundancy
mechanism within distributed storage system that contains data. This attack is
effective on data aggregation routing algorithm, voting, foiling misbehavior
detection and resource allocation. All the attacks on these involves multiple
identities. The generation of addition votes can be done using this attack.
Traffic analysis
attacks:
There is only few base station which has powerful base and
other sensors are low power typically in wireless sensor based network. The
data that are generated at sensors are routed to the base station. The attacker
in this case can easily attack the base station as it is known that all the
data will be coming to the base station (Pathan, 2006) . The attack on the
node that send the packet is found by the attacker in this attack and this node
is attacked to stop the transmission. The event could be generated physically
by the attacker and monitored by the sensor.
Privacy attack:
The wireless sensor network is capable of producing hug
amount of data after efficient deployment. There is benefit with these new
technology as well as there are chances of abuse (Y. Hu, 2003) . The main issue is
the privacy of individual person. When the sensors are correlated by attackers
they can use the privacy information against the individual which is privacy
attack. The problem of panda hunter, the hunter could come to the place of
panda and hurt the panda.
The information from the sensor survey is directly collected
to the base station. The problem doesn’t start with the sensor but with this
large volume of information and data there is vulnerability in the system.
·
Attack by
Monitor: one of the obvious attack is monitor attack in privacy which is
done by listening to data. The data reveals the contents of the communication.
The information that is traffic conveyed in the configuration gives all the
information.
·
Attack by
Traffic analysis: The monitoring and eavesdropping combine makes this
attack. There is register activity when transmitting packet is between two
nodes.
·
Attack by
Camouflage: The attacker deploy their additional note between two notes and
get the information that follows through the network.
Sinkhole Attack/Black
hole:
The malicious node is introduced into the network and it is
made to act as black hole. This node attacks all the traffic and messages
through the network. In the flooding protocol the message in the wireless
sensor network takes the shortest path to reach the destination. The sinkhole
nodes makes changes to these path and take all the message to itself and
destroys it (Y. Hu, 2003) . The nodes that are
far from this node is also equally effected and cause serious damage to the
network and its communication. The diagram below shows the Sinkhole attack/black-hole
attack.
Hello attack
flooding:
The hello packets are introduced into network which makes
the sensor convinced. It acts as weapon. The attack is done on the attacker
with this hello packet which is sent to the sensors all over the wireless
sensor network (H. Zhu, 2004) . The sensor are made
to believe that the attacker is nearby as neighbor (Y. Hu, 2003) . With this
information given by hello packet makes the sensor to send the message directly
to the attacker. This makes network compromised and data are corrupted.
Node replication
attacks:
It is simple kind of attack when viewed normally. In this
technique, an additional node is added into the network by the attacker which
is done by copying the ID of one of the nodes. The performance of the network
is seriously disturbed by this attack (Chris Karlof, 2003) . The misrouting of
packet or even corruption in it can be cause by this attack. The connection of
the network with the sensor is disrupted and causes damage in package. The
cryptography key can be copied by the attacker when they gets hand on the
physical network. These nodes after inserting into the network makes the easy manipulation
of the data sent and received and even disconnect it.
Physical attacks:
As it is known that these wireless sensor are placed in open
environment that is found to be more vulnerable to environment. The destruction
of there sensor is most common. This is permanent destruction and there is no
recovery of sensor or the data that is being collected by it. The cryptographic
algorithm could be extracted from the sensor and attack the complete network
when they possess any one of the sensor.
Flooding with
Probabilistic:
The node’s subset are only the part of message follow in the
network along with the data. Even though the message is sent, it could be
discarded by the base station. In this there are times when a lot of messages
are lost within the network (H. Chan, 2003) . This decreases the
effectiveness of the network. This is one of the factor that makes the network
weak to communicate.
Dummy messages’
flooding:
Other flooding has power to make the privacy violation but
this makes the attacker to monitor all the contents in the wireless sensor
network that flows (Pathan, 2006) . The power to
monitoring makes the attacker to understand what message is being passed and
even it can make them easy to determine cryptographic key (Y. Hu, 2003) . The message could
be faked and made to inject into the network. And when the message is captured
by the attacker, it can’t be known.
Flooding of Phantom:
This is similar concept with other flooding where number of
messages are sent on the network. The message is divided into two or more and
is sent through different routing. This makes hacker difficult to understand
the half message (Pathan, 2006) . In this case, the
messages that goes through shorter path is more than other way. This creates
problem with constant messaging and makes it difficult to the receiver end to
collect data. The attacker is made to get the message that is fake and real
message is sent through other sources to the base station. There are two phases
in these messages. They are phase of walking and other one is subsequent
flooding.
Conclusion:
In this report, all the aspects of wireless sensor network
security were discussed along with its requirement and attacks with detailed
diagram and explanation. The attacks that the network faces are being described
in each sub topic that are DOS attacks, privacy attack and physical attacks and
many more. With the growth of more advance technology there is more
vulnerability on the network which makes it easy for hacker and attackers. The
data collected by these nodes in the network is routed to the base station and
it is collectively too large. Hence, the security plays very important role in
wireless sensor network. The cryptography makes sure that data are secured and
it isn’t manipulated. For additional
security, adding of public key is done as described in the topic.
References
Adrian Perrig, J. S. D. W., 2004. Security in
Wireless Sensor Networks.
Chris Karlof, D. W.,
2003. Secure Routing in Wireless Sensor Networks. Attacks and
Countermeasures, pp. 299-302.
H. Chan, A. P. a. D.
S., 2003. Random key predistribution schemes for sensor networks. s.l.,
In Proceedings of the 2003 IEEE Symposium on Security and Privacy..
H. Zhu, F. B. R. H.
D. a. K. K., 2004. Computing of trust in wireless networks. Los
Angles, California, Proceedings of 60th IEEE Vehicular.
John Paul Walters, Z.
L. W. S. a. V. C., 2006. Wireless Sensor Network Security: A Survey. Department
of Computer Science.
Kim, J. H. a. Y.,
2004. Revisiting random key pre-distribution schemes for wireless sensor
networks. In Proceedings of the 2nd ACM workshop on Security of Ad hoc and
Sensor Networks, p. 43–52.
Pathan, A. H.-W. L.
C. S. H., 2006. Security in wireless sensor networks: issues and challenges. Advanced
Communication Technology.
Stajano, A. R. B. a.
F., 2003. Location Privacy in Pervasive Computing. s.l., IEEE
Pervasive Computing.
W. Du, J. D. Y. S. H.
a. P. K. V., 2003. A pairwise key pre-distribution scheme for wireless
sensor networks. New York, s.n., p. 2–51.
Y. Hu, A. P. a. D. B.
J. P. l., 2003. defense against wormhole hole attacks in wireless
networks. s.l., INFOCOM.
Z. L. W. S. a. V.,
2006. Wireless Sensor Network Security: A Survey. Department of Computer
Science Wayne State University.