SECURITY IN WIRELESS SENSOR NETWORKS
As wireless sensor networks continue to grow and gaining in popularity, so the need for effective security mechanisms. There are currently large researches potential in the field of wireless sensor network security .The reason for the increase in its popularity due to the potentially low cost solution to the numerous types of real world challenges .Security in the senor networks is major issues as it deals with sensitive data or operative in unattended environments. Scalability and limited resources make security solutions challenging in the wireless sensor networks. Traditional computer security techniques in a wireless sensor networks faces many obstacles to the implementation due to resource constraints like lack of data storage and power consumption Some aspects of wireless sensor network, challenges are secure and efficient routing, data aggregation ,group formation and in addition to these tradition security issues like nodes are cooperative and trustworthy. Many more security issues in the field of wireless sensor networks argue the physical attacks to sensor play, many attacks designed to exploit the unreliable communication channels, unattended operation of wireless networks Sensor networks are defined to the heterogeneous systems with tiny sensors and actuators with general purpose computing elements. Sensor Network is combination of self organizing, low power, and low cost wireless nodes. Sensor Networks are used in many application /fields and are as follows burglar alarms ,inventor control ,medical monitoring and emergency response ,monitoring remote or inhospitable habitants ,target tracing in the battle field, disaster relief networks, early fire detection in forest and environmental monitoring. These demand very demanding environment to provide security. Secure routing secure discovery verification of location, key managements are the most issues which face the many security challenges
Security challenges in WSN's:
Get your grade
or your money back
using our Essay Writing Service!
* Data confidentiality
* Data integrity
* Key establishment
* Secure routing
* Secure group management
* Intrusion detection
* Secure data aggregation
Attacks on WSN's
Common Attacks: As the wireless medium is used as the main transmission hannel in WSN, it is easily subject to various types of attacks, either passive (eavesdropping) or active (data injection).
Denial of Service Attacks (DoS): These attacks prevent any part of WSN from functioning correctly or in a timely manner. Such attacks can target the communication channel (e.g. jamming) or the life of the nodes themselves (e.g. power exhaustion).
Node Compromise: An embedded device is considered being compromised when an attacker, through various means, gains control or access to the node itself after it is being deployed. These attacks are usually utilized as a foundation for more powerful, damaging attacks.
Side-channel Attacks: An adversary can monitor certain physical properties of the nodes, such as electromagnetic emanation, whenever it performs a cryptographic operation. If the recorded physical values are influenced by the secret key, then the adversary can extract information about that key.
Impersonation Attacks: A malicious sensor node can create multiple fake identities (sybil attack), and also can create duplicates with the same identity (replication attack). These types of attacks are also the initial step which enables the attacker to conduct a wide range of malicious attacks.
Protocol-specific Attacks: Some essential protocols used in WSN, such as routing, aggregation, and time synchronization, are targeted by specific attacks that aim to influence the internal services of the network.
Finally on the basis of the above introduction security in wireless sensor networks are classified as follows
1. The obstacles to the sensor network security
2. The requirement /sources for the WSN
4. Defensive measures
2.) OBSTACLES AT SENSOR NETWORK
When compared with traditional computers networks, WSN is special network which has constraints.
2.1) very limited resources:
Data memory, code space energy to the sensor is the resources for the implementation of security in WSN (wireless sensor networks) .These resources are limited in a tiny sensor network
a) limited memory & storage space:
In order to build an effective sensor network security it is necessary to limit the code size as the tiny sensor device has only a little amount of memory and storage space of code. So the code for the security must be small.
Always on Time
Marked to Standard
b) power consumption:
It is the biggest constraint to WSN as one sensor node deployed in a WSN cannot be easily replaced (i.e. due to high replacement cost). So when implementing a crytopraphic function the power consumption of added security code must be considered.
2.2) Unreliable communication:
It is another threat to the sensor security, as the security of the network depends on the defined protocol in vise versa depends on the communication.
a) Unreliable transfer: A packet based routing is a connectional less and thus inherently unreliable .The unreliable wireless channel also leads to the loss of packets/damages packets .Higher channel rate forces the s/w developer gather resources for the error handling. If the communication channel is unable to handle the error it may lead to the loss of critical security packets (for instance cryptographic key)
b) Conflicts: This occurs in some cases even if the channel may be reliable but due to broadcast nature of the sensor network. In high defense sensor network this may be a major problem.
c) Latency: Achievement of synchronization between the nodes is difficult due to latency in the network. The reason for latency in WSN are multi hop routing network congestion, node processing The synchronization among the sensor node may be major issues in the case of sensor security where the security mechanism relies on the event report and cryptographic key distribution.
Sensor nodes may be unattended due to its functional operation.
a) Exposure of physical attacks : As the name itself describes the attacks on the sensor nodes (i.e. is open to adversary ,bad weather.)
b) Managed remotely: Virtually it is impossible to detect the physical tampering and physical maintained issues in the remote management of sensor network.
c) Central management point.
3) SECURITY REQUIREMENTS:
Both the typical network requirements and the unique requirements suited solely to the wireless sensor networks. A sensor network is a special type of network.
3.1) Data confidentiality:
When it comes to the security issues data confidentiality major challenge in any type of network, for sensor network is as follows.
1. Should not leak any sensor reading to the neighbors(i.e. In the case of military application the data stored in the sensor node is highly sensitive data)
2. Communication between the nodes (i.e. key distribution plays a major role in the build secure WSN.)
3. Public sensor information should be secure to protect against traffic analysis attacks.
3.2) Data Integrity:
Data is not secure even with implementation of data confidentiality. Data Integrity must be embossed so that the data is not altered during the transmission.
3.3) Data Freshness:
It is also be added along with the data confidentiality and data integrity. It plays a important role in the shared key strategies in a network. In these the newly generated key is propagated on the network. As it takes time during the time adversary to use the replay attack to destroy the network. To overcome this Time Related Counter is to be added.
* Addition consumption of energy.
* Addition communication also leads to consume more energy
* If using the central point scheme lead to single point failure.
All the above actions weaken the availability of nodes.
3.5) Self organization:
It is similar to ad-hoc network which does not have fixed infrastructure available for the network management. Sensor nodes to be independent and flexible enough to be self organization, self healing according to the conditions. This feature makes WSN to face many challenges .A WSN must be self organizing to make multi hop routing, to conduct key management, build trust relation among sensors.
3.6 ) Time synchronization:
Many WSN relay on the time synchronization (like in order to reduce the power consumption an individual sensor radio may be turned off a period of time.
3.7 ) Secure localization:
A secure network designed to locate faults need accurate location information in order to pinpoint the location of a fault .techniques like VM (verifiable multiplication), SeRLoC (secure range Independent localization).
3.8 ) Authentication:
This Essay is
a Student's Work
This essay has been submitted by a student. This is not an example of the work written by our professional essay writers.Examples of our work
When constructing a sensor network authentication is needed for many tasks so message authentication is important aspect in sensor network.
Due to the broadcast nature of wireless network are more vulnerable to attacks, in addition to these WSN has some more vulnerabilities because nodes are often placed in a hostile or dangerous environments where they are not physically protracted.
4.1) passive information gathering:
In this type attacker with powerful receiver and well designed antenna can easily pick the data stream. If the information thus retrieved contains the physical locations of the sensor node allows the intruder to destroy the nodes. To overcome this, a strong encryption technique needs to be used.
4.2) Subversion of a node:
This type of attack is described as, a node in a WSN might be captured and information stored in it gained by the adversary.
4.3) False node & malicious data:
A “sleep deprivation torture” attack is defined as any intruder may add a node to the network with false data in it. Adding malicious data is most dangerous attack. The effects that are caused by an intruder by using spoofing, altering or replaying routing information, or able to create the routing loops, attack/replay network traffic, shorten/extend source routes ,generate the false error message , increase the end to end latency.
By using the strong authentication techniques can prevent intruder from behaving as valid node in the sensor.
4.4) The Sybil attack.
Is a type of attack “malicious device illegitimately taking a multiple identities”. Authentication & encryption techniques can prevent the Sybil attacks.
4.5) Attacks against privacy:
The most privacy problem is not the sensor network enable the collection of information. By direct site surveillance much information from the sensor network could be probably collected. Rather, sensor networks aggravate the privacy problem because they make large volumes of information easily available through remote access. Some of the common attacks are as fallows.
• Monitor and Eavesdropping: this is one of the most obvious attacks to privacy. The adversary can easily discovery the communication contents by listening to the data. When the traffic contains the control information of the WSN configuration, may have potentially more detailed information than accessible through the location server, the eavesdropping can act effectively against the privacy protection.
• Traffic analysis: traffic analysis is typically contains both monitoring and eavesdropping. Specific sensor has registered activity can be detected if the packets transmitted is increased between certain nodes. By the analysis on the traffic, some sensors with special roles or activities can be effectively identified.
• Camouflage Adversaries can insert their node or compromise the nodes to hide in the sensor network. After that these nodes can masquerade as a normal node to attract the packets, then misroute the packets, e.g. forward the packets to the nodes conducting the privacy analysis.
4.6) Physical attacks:
As WSN operate in hostile outdoor environments., environments, the small form factor of the sensors, coupled with the unattended and distributed nature of their deployment make them highly susceptible to physical attacks. Physical attacks destroy the nodes completely not like other attacks mentioned above, are irreversible.. If an adversary makes the sensor node compromises, then the code inside the physical node may be modified.
5) DEFENSIVE MEASEURS:
Now we are going to describe the measures for satisfying security requirements, and protecting the sensor network from attacks. We start with key establishment in wireless sensor networks, which lays the foundation or the security in a wireless sensor network, followed by defending against , secure broadcasting and multicasting, defending against attacks on routing protocols, combating traffic analysis attacks, defending against attacks on sensor privacy, intrusion detection, secure data aggregation, defending against physical attacks, and trust management.
5.1 key management:
This is most important factor that receives the great deal of attention is key management. Due to their size, mobility and computational/power constraints in the aspect of WSN are unique. Indeed, researchers envision wireless sensor networks to be orders of magnitude larger than their traditional embedded counterparts. This, coupled with the operational constraints described previously, makes secure key management an absolute necessity in most wireless sensor network designs. In wireless sensor network to defend, encryption and key management/establishment are so crucial.
One of the most among the many public key protocols used for the key establishment is Delffie - Hellman public key protocol. Most of the traditional techniques are not suitable to WSN (because of low power devices). This is fact that typical key exchange techniques use asymmetric cryptography, also called public key cryptography [1 2 5 16]. In this problem, it is necessary to maintain two mathematically related keys, one of which is made public while the other is kept private. So this allows data to be encrypted with the public key and decrypted only with the private key. The problem that arises in WSN with the use of asymmetric cryptography is that it is typically too computationally intensive for the individual nodes in a sensor network. So Symmetric cryptography is replacement of asymmetric cryptography for the application that cannot afford the computational complexity. Symmetric schemes utilize a single shared key known only between the two communicating hosts, which is used for both encryption and decrypting data. The traditional example of symmetric cryptography is DES (Data Encryption Standard).Even though the usage of DES quite limited due to the fact that it can be broken relatively easily. Other symmetric cryptography systems have been proposed including 3DES (Triple DES), RC5, AES, and so on . In fact the problem that comes by using of the shared key is how to ensure that the shared key is indeed shared between the two hosts who wish to communicate and no other rogue hosts who may wish to eavesdrop.
5.1.2 Key establishment and Associated protocols:
Key pre-distribution  scheme that relies on probabilistic key sharing among nodes within the sensor network is proposed by Eschenauer and Gligor [4 10 11 17] . Before the deployment the system works by distributing a key ring to each participating node in the sensor network. From the pool of keys generated offline each key ring should consist of a number randomly chosen keys. It is not necessary to share a key by pair of nodes by using this technique [11 12]. But any have to establish a direct link to another the two nodes that do share a key may use the shared key. Further, Eschenauer and Gligor demonstrate that such a technique can be extended to key revocation, re-keying, and the addition/deletion of nodes. Further many other proposed many techniques are as fallows the LEAP protocol described by Zhu et al, Huang et al proposed a hybrid key establishment scheme that makes use of the difference in computational and energy constraints between sensor node and the base station.
5.1.3 Public key cryptography:
The most major techniques used to implement public-key cryptosystem are RSA and elliptic curve cryptography . But traditionally, these have been thought to be far too heavy-weight for use in wireless sensor networks. In Gura et al. report that both RSA and elliptic curve cryptography are possible using 8-bit CPUs with ECC, demonstrating a performance advantage over RSA. One more advantage resulted by se of ECC's 160 bit keys was shorter messages during transmission compared the 1024 bit RSA keys. Gura et al . Demonstrate that the point multiplication operations in ECC are an order of magnitude faster than private-key operations within RSA, and are comparable (though somewhat slower) to the RSA public-key operation.
5.2 secure multicasting:
Di Pietro et al  explains a directed diffusion based multicast technique that takes advantage of a logical key hierarchy and used in WSN . A central key distribution center is center is responsible for disbursing the keys throughout the network. Whereas the key distribution center, is the root of the key hierarchy while individual nodes make up the leaves. The keys used for re-keying process are maintained by the internal nodes of the key hierarchy. Directed diffusion is a data-centric, energy efficient dissemination technique that has been designed for use in wireless sensor networks. In directed diffusion, a query is transformed into an interest it then diffused throughout the network and the network begins collecting data based on that interest. Data collected as a result of the interest can then be sent back along the reverse path of the interest propagation .based on using logical key hierarchy Di Pietro et al. enhance the logical key hierarchy to create a directed diffusion. The logical key hierarchy technique provides mechanisms for nodes joining and leaving groups where the key hierarchy is used to effectively re-key all nodes within the leaving node's hierarchy. For the node joining and leaving directed diffusion is also used.
5.3 Secure broad casting:
Lazos and Poovendran explained [19 20] a tree based key distribution scheme . The proposed routing-aware based tree where the leaf nodes are assigned keys based on all relay nodes above them. They argue that their technique, which takes advantage of routing information, is more energy efficient than routing schemes that arbitrarily arrange nodes into the routing tree. They propose a greedy routing-aware key distribution algorithm. They use a similar technique to, but instead use geographic location information rather than routing information. For this case, nodes in a single cluster are able to reach another in same single broad cost however, nodes (with the help of the geographic location system) are grouped into clusters with the observation that nodes.
5.4 Defending Against the Sybil Attack:
To defend against the Sybil attack described previously in the network needs some mechanism to validate that a particular identify is the only identity in a given physical node. Direct validation and indirect validation are two methods explained by Newsome et al  to validate identities, A trusted node directly tests whether the joining identity is valid in direct validation In indirect validation, another trusted node is allowed to vouch for the validity of a joining node. Newsome et al. primarily describe direct validation techniques, including a radio resource test. In this, a node assigns each of its neighbors a different channel on which to communicate. The node then randomly chooses a channel and listens. If the node detects a transmission on the channel it is assumed that the node transmitting on the channel is a physical node. Similarly, if the node does not detect a transmission on the specified channel, the node assumes that the identity assigned to the channel is not a physical identity. Another technique to defend against the Sybil attack is to use random key pre-distribution techniques. The idea behind this technique is that with a limited number of keys on a key ring, a node that randomly generates identities will not possess enough keys to take on multiple identities and thus will be unable to exchange messages on the network due to the fact that the invalid identity will be unable to encrypt or decrypt messages.
In this paper explained the security in WSN (wireless sensor networks) by grouping them into four main aspects of wireless sensor network security: obstacles, requirements, attacks, and defenses. And further more detailed explained the each group by o sub-categorized the major topics. The aim of this paper is to provide both a general overview of the rather broad area of wireless sensor network security, and give the main suggestion/citations such that further review and can be completed those who has the interest in research .With the growing demand in wireless sensor networks continue to grow and become more common, we expect that further expectations of security will be required of these wireless sensor network applications. Mainly In the addition of public key cryptography and the addition of public-key based key management will likely make strong security a more realistic expectation in the future. Hope that the current and future work in privacy and trust makes WSN (wireless sensor networks) a more attractive option in a variety of new arenas.
1. G. Gaubatz, J.P. Kaps, and B. Sunar. Public key cryptography in sensor networks - revisited. In 1st European Workshop on Security in Ad-Hoc and Sensor Networks (ESAS 2004), 2004.
2. N. Gura, A. Patel, A. Wander, H. Eberle, and S. Shantz. Comparing elliptic curve cryptography and rsa on 8-bit cpus. In In 2004 workshop on Cryptographic Hardware and Embedded Systems, August 2004.
3. H. Chan, A. Perrig, and D. Song. Random key predistribution schemes for sensor networks. In Proceedings of the 2003 IEEE Symposium on Security and Privacy, page 197. IEEE Computer Society, 2003.
4. D. Liu, P. Ning, and R. Li. Establishing pairwise keys in distributed sensor networks. ACM Trans. Inf. Syst. Secur., 8(1):41-77, 2005.
5. R. Watro, D. Kong, S. Cuti, C. Gardiner, C. Lynn, and P. Kruus. Tinypk securing sensor networks with public key technology. In Proceedings of the 2ndACM workshop on Security of Ad hoc and Sensor Networks (SASN '04), New York, NY, USA, 2004. ACM Press.
6. B. Schneier. Applied Cryptography. Second Edition, John Wiley & Sons, 1996.
7. A. D. Wood and J. A. Stankovic. Denial of service in sensor networks. Computer, 35(10):54-62, 2002.
8. A. D. Wood and J. A. Stankovic. Denial of service in sensor networks. Computer, 35(10):54-62, 2002.
9. Y. W. Law, J. Doumen, and P. Hartel. Survey and benchmark of block ciphers for wireless sensor networks. ACM Trans. Sen. Netw., 2(1):65-93, 2006.
10. L. Eschenauer and V. D. Gligor. A key-management scheme for distributed sensor networks. In Proceedings of the 9th ACM conference on Computer and communications security, pages 41-47. ACM Press, 2002.
11. W. Du, J. Deng, Y. S. Han, and P. K. Varshney. A pairwise key pre-distribution scheme for wireless sensor networks. In CCS '03: Proceedings of the 10th ACM conference on Computer and communications security, pages 42-51, New York, NY, USA, 2003. ACM Press.
12. J. Hwang and Y. Kim. Revisiting random key pre-distribution schemes for wireless sensor networks. In Proceedings of the 2nd ACM workshop on Security of Ad hoc and Sensor Networks (SASN '04), pages 43-52, New York, NY, USA, 2004. ACM Press.
13. S. Zhu, S. Setia, and S. Jajodia. Leap: efficient security mechanisms for largescale distributed sensor networks. In CCS '03: Proceedings of the 10th ACM conference on Computer and communications security, pages 62-72, New York, NY, USA, 2003. ACM Press.
14. J. Newsome, E. Shi, D. Song, and A. Perrig. The sybil attack in sensor networks: analysis & defenses. In Proceedings of the third international symposium on Information processing in sensor networks, pages 259-268. ACM Press, 2004.
15. R. Di Pietro, L. V. Mancini, Y. W. Law, S. Etalle, and P. Havinga. LKHW: A directed diffusion-based secure multicast scheme forwireless sensor networks. In First International Workshop on Wireless Security and Privacy (WiSPr'03), 2003.
16. D. J. Malan, M. Welsh, and M. D. Smith. A public-key infrastructure for key distribution in tinyos based on elliptic curve cryptography. In First Annual IEEE Communications Society Conference on Sensor and Ad Hoc Communications and Networks, 2004. IEEE SECON, 2004.
17. M. Gruteser and D. Grunwald. A methodological assessment of location privacyrisks in wireless hotspot networks. In First International Conference on Security in Pervasive Computing, 2003.
18. Q. Huang, J. Cukier, H. Kobayashi, B. Liu, and J. Zhang. Fast authenticated key establishment protocols for self-organizing sensor networks. In Proceedings of the 2nd ACM international conference on Wireless sensor networks and applications, pages 141-150. ACM Press, 2003.
19. L. Lazos and R. Poovendran. Secure broadcast in energy-aware wireless sensor networks. In IEEE International Symposium on Advances in Wireless Communications (ISWC'02), 2002.
20. L. Lazos and R. Poovendran. Energy-aware secure multicast communication in ad-hoc networks using geographic location information. In Proceedings of IEEE International Conference on Acoustics Speech and Signal Processing, 2003.
21. Chris Karlof *, David Wagner Secure routing in wireless sensor networks: attacks and countermeasures University of California at Berkeley, Berkeley, CA 94720, USA Available online 14 August 2003. At www.computer science web.com
22. S Kaplantzis - Conversion report, Monash University, 2006 - Citeseer Security Models for Wireless Sensor Networks
23. N Ahmed, SS Kanhere, S Jha - ACM SIGMOBILE Mobile Computing …, 2005 - portal.acm.org The Holes Problem in Wireless Sensor Networks: A Survey School of Computer Science and Engineering, UNSW, Sydney, Australia_ National ICT Australia(NICTA_), Sydney, Australia.
24. IF Akyildiz, W Su, Y Sankarasubramaniam, E Cayirci - Computernetworks, 2002 - Elsevier Wireless Sensor Networks: A Survey Revisited COMPUTER NETWORKS JOURNAL (ELSEVIER SCIENCE)
25. M Saraogi - Department of Computer Science University of Tennessee, Knoxville SECURITY IN WIRELESS SENSOR NETWORKS
26. Javier Lopez, Rodrigo Roman, and Cristina Alcaraz Computer Science Department University of Malaga, Spain Analysis of Security Threats, Requairements, Technologies and Standards in Wireless Sensor Networks 0302-9743 (Print) 1611-3349 (Online) publisher Springer Berlin / Heidelberg isbn 978-3-642-03828-0
27. Dr. Kashif Kifayat Professor Madjid Merabti School of Computing and Mathematical Sciences Liverpool John Moores University Security in Wireless Sensor Networks.
28. FL Lewis - Smart environments: technologies, The University of Texas at Arlington http://arri.uta.edu/acs Wireless Sensor Networks