This essay has been submitted by a student. This is not an example of the work written by our professional essay writers.
Wireless sensor networks are a new refinement of distributed systems that are an integral part of the physical space they are deployed in. Sensor networks are used to sense and reason data about the world that they are embodied in unlike most of the computers that work with data created by human. This made many of the researchers and commercial organizations put their imaginations to develop smart environment applications ranging from military services to home security systems. A smart environment relies on sensory data from the real world. The sensory data is originated from different sensors deployed in different locations. These smart environments not only need to know information about its surroundings but also need to know information about their internal working like accessing and evaluating information, decision making and routing the information securely.
Wireless sensor networks are subject to many attacks and many of the communication links are spied even without people noticing. Hence the primary issue is that how long can a sensor network survive and how fast they can recover after being attacked. So the main issue in wireless sensor networks is to design a security mechanism that provides confidentiality, integrity and authentication that can stand against the attacks.
Security in Wireless Sensor networks:
Wireless sensor networks should implement some of the security services to keep a check against the attacks against wireless sensor networks. Some of the basic security services that should be implemented are authenticity, confidentiality, integrity.
In a wireless sensor network, it is very easy for an infected node to inject malicious code into the network. In order to keep track of the sender of the message, whether the node is a trusted sender or not, nodes use a message authentication code. Authenticity makes possible for the receiver node to verify the identity of the sender and thereby preventing the malicious nodes to inject data into the network.
The nodes in the wireless sensor networks in some cases transmit highly sensitive data. In such cases, the data should be kept confidential so that unauthorized nodes cannot access the data. Encryption is the basic technique implemented to achieve confidentiality.
Integrity of the data defines that the data received by the receiver is intact and no changes are made to the original data that is transmitted. This helps in identifying if any modifications are made on the transmitted data during routing.
To develop a wireless sensor network fully secure, security should be incorporated in every single node on the network so that no node can easily become an attack point. In a conventional wired network, authenticity, confidentiality and integrity are achieved by end-to-end mechanism like SSL, IPsec as most of the traffic is end to end and the intermediate nodes just check the header for the destinations address and are not actually allowed to view the contents of the message. This does not apply in case of wireless sensor network as most of the traffic is many to one communication trying to send the sensor readings to a centrally located base station. To control the inflow of traffic coming towards the base station, these networks use data processing techniques like aggregation, duplicate elimination. As this processing requires intermediate nodes to process data, it is inappropriate to use end to end security mechanism between each node and the base station. So, link layer security architecture is used and it can detect packets injected by unauthorized nodes. The link layer security mechanism guarantees confidentiality, integrity and authenticity. The main security goals of link layer security mechanism are:
Access Control and Message Integrity
Routing Security Motivation:
To design a secure routing protocol in wireless sensor networks, one needs to analyze the routing attacks in WSN. The problems can be summarized as eavesdropping, fraud, tampering, relaying routing information, selective forwarding attack, sink hole attacks and many more.
Relayed Routing Information:
Relaying routing information is the most basic attack against the routing protocol in wireless sensor network that targets the routing information. By doing so, the malicious nodes can create routing loops, attract or repel network traffic, generate false error messages, partition the network and many more.
The main faith in the multi-hop networks is that the participating nodes will forward all received messages. In case of selective forwarding network, malicious nodes sometimes refuse to forward messages and drop them. The simplest form of the selective forwarding attack is the node objects to send every single message and has a high risk of detection and the most subtle form of the attack is that the node forwards only selective packets.
Hello Flood attack:
Hello flood is a novel attack against sensor networks. Some protocols need nodes to broadcast HELLO packets to tell themselves to neighbors. a node after receiving such type of packet may think that it is in normal radio range of the sender. This may be false: For example, an opponent advertising a high quality path to the base station to each and every single node in the network where in this case large number of nodes try to use that route, but all those nodes which are adequately far away from the opponent will send packets into coma. A node realizing the link to the opponent is Fake can be left out with few chances: all its neighbors may try to forward packets to the opponent also. Protocols which depend on restricted information exchange between neighboring nodes for topology maintenance. An opponent does not compulsory need to have ability to construct genuine traffic in order to use this attack. It can simply again broadcast transparency packets to every node with enough power, HELLO floods can also be thought of as one-way, broadcast wormholes.
In a sinkhole attack, the opponentâ€™s goal is to attract all the traffic from a particular area through a compromised node, creating a symbolic sinkhole with the opponent at the center. Because the nodes which are on or near the path in which the packets follow have many chances to corrupt with application data, sinkhole attacks have the ability to enable many other attacks. This attack naturally works by making a compromised node look attractive to nodes nearby with respect to the routing algorithm. For example, an opponent can replay an advertisement for a very high quality path to a base station. Some protocols may try to prove the quality of route with end-to-end acknowledgements containing reliability. Successfully, the opponent creates a large â€œfield of influenceâ€, attracting all traffic meant for a base station from nodes several hops away from the compromised node.
The goal of the security services in wireless sensor networks is to protect the information and the resources from attacks. The security requirements in wireless sensor networks include:
Availability: Availability makes sure that network services are available even in case of denial of service attacks.
Authorization: Authorization ensures that only authorized users can take part in the data exchange in the networks.
Authentication: Authentication ensures that the every node in the network can verify them by providing their identity in the network. And there is no malicious node that tries to pretend like a node in the network
Confidentiality: Confidentiality helps in keeping the original message being transmitted to be confidential and cannot be understood by others than the desired receiver.
Integrity: Integrity of the message determines whether the received message is intact and same as that sent by the sender.
Freshness: Freshness of the data implies that the data is recent and no malicious nodes can replay old messages.
Secure Topology with Routing Optimization:
The security algorithm proposed is generally a prevention type security. In this a secret key is provided to all the sensor nodes in and the information about the routes is encrypted. So the malicious nodes are prevented from eaves dropping. Consider a perimeter security application. There are some assumptions that we make in this case. The base station is not malicious, computationally robust and has enough memory and processer speed to support cryptographic and routing requirements. The radio range of the sensor is at most 15 meters and sensing range is 1 meter.
Single Collection and Authentication Point:
Consider a network in which base station correlates and aggregates information and each sensor communicates either directly or indirectly with the base station. In this security algorithm each sensor node shares a unique 64 bit key with the base station. If the nodes are not adjacent to the base station other nodes near to the base station act as intermediate nodes. The format of communication packet consists of preamble, header and payload. Preamble designates the address of the originating source; header contains recipientâ€™s address, nonce that is encrypted to using key. Payload contains the data that is being exchanged. The formation of the communication packet is shown as below: