18-08-2012, 10:24 AM
Wireless Sensor Networks Security
![Microsoft Word Document .doc](https://seminarproject.net/images/attachtypes/doc.gif)
Introduction
As the use of wireless sensor networks becomes increasingly more common, especially in data-sensitive environments, routing security is emerging as a primary concern. Many sensor networks have proposed sensor network routing protocols but few consider or implement security goals.
We, the authors, researched the uses of wireless sensor networks last semester and our research focused on their use in Mass Causality Events (MCE). In these events, motes are attached to a patient’s wrist and are tasked with transmitting vital information about the patient’s condition, medical history, and personal data to emergency personnel. The transmitting of personal data over wireless communication became an obvious security concern and was identified as one of the primary challenges to the use of wireless sensor networks.
Network Assumptions
There are numerous assumptions that can be made about the wireless sensor network. These networks use wireless communications which are typically radio links. Radio links inject many security concerns into our network. Radio links are susceptible to intruder eavesdropping, the injection of bits into the channel, and the recording and replay of previously heard packets.
The second primary network assumption deals with the physical aspects of the sensor nodes. An attacker can either insert malicious nodes into our network or tamper with an existing node. These new nodes or tampered nodes are capable of colluding to attack the network. An intruder can capture critical data or material from a tampered node.
Trust Requirements
The key trust requirement for wireless sensor network protocols is trustworthiness. Due to the fact that networks rely heavily on base stations as the interface to the outside world and to send dependable messages, it is important to be able to assume that they are trustworthy. By trustworthy, we mean the ability to trust them if necessary and assume they will behave correctly under the applied conditions. If a significant number of base stations are compromised the network is deemed useless.
Methodology
Four primary threat models were identified and explored during research; mote-class attackers, laptop-class attackers, outsider attacks and insider attacks. Mote-class attackers gain access to one or more sensor nodes with capabilities similar to those nodes of the exploited network. Laptop-class attackers use devices with laptop or equivalent capabilities and resources. Due to this increase in resources and capabilities, the laptop-class attackers have an advantage over mote-class attackers and the nodes of the exploited network. For example, a mote-class attacker may be able to block the radio connection in its immediate area while a laptop-class attacker will be able to block communication over the entire network.
Methodology
Four primary threat models were identified and explored during research; mote-class attackers, laptop-class attackers, outsider attacks and insider attacks. Mote-class attackers gain access to one or more sensor nodes with capabilities similar to those nodes of the exploited network. Laptop-class attackers use devices with laptop or equivalent capabilities and resources. Due to this increase in resources and capabilities, the laptop-class attackers have an advantage over mote-class attackers and the nodes of the exploited network. For example, a mote-class attacker may be able to block the radio connection in its immediate area while a laptop-class attacker will be able to block communication over the entire network.
Data Authentication
In sensitive situations and more importantly in situations where decisions are being made based on transmitted data, authentication is pertinent. Data authentication allows a receiver to verify that the data really was sent by the claimed sender2. This is important because an adversary can easily inject messages into the network. This is considered one of the most common forms of attacks. The receiver needs to be able to identify the sender and ensure that the data is valid before operating on that data.
Achieving data authentication can be done with symmetric key mechanisms in two party communications. This is simply a network where the two parties share a single secret key for passing messages.
Sybil Attack
The Sybil attack is very straightforward. An adversary node inserted into the network simply presents multiple identities to the network. By doing so, it greatly reduces the effectiveness of the network in terms of fault-tolerance, routing, and maintenance.
The Sybil attack is most effective in geographic routing protocols. Such protocols often process communication between nodes by passing a pair of coordinates to their neighbors. Essentially, with the Sybil attack a node adversary can “be in more than one place at once.3”
Wormholes
The underlying purpose of a wormhole is to replay messages in a network. An adversary tunnels messages received in one part of the network over a low latency link and replays them in a different part3. Packets transmitted via the wormhole have a lower latency than those traveling between those same nodes over the normal network.
Conclusion
Since we last explored the use of wireless sensor networks, little advancement has been made in making these wireless sensor networks more secure although the security need still exists. The best defenses to date are link layer encryption and authentication using a globally shared key. These mechanisms are considered to provide reasonable defense for mote-class outsider attacks which, as stated in the Challenges section, leaves the network very vulnerable to laptop-class and insider attacks.
Cryptography has been explored and is basically inefficient in preventing against laptop-class and insider attacks.