06-10-2012, 03:42 PM
The Three-Tier Security Scheme in Wireless Sensor Networks with Mobile Sinks
ABSTRACT
A wireless sensor network (WSN) consists of spatially distributed autonomous sensors that monitor physical or environmental conditions, such as temperature, sound, pressure, etc., and cooperatively pass their data through the network to a main location. The WSN is built of "nodes", from a few to several hundreds or even thousands, where each node is connected to one (or sometimes several) sensors. Each such sensor network node typically has several parts: a radio transceiver with an internal antenna or connection to an external antenna, a microcontroller, an electronic circuit for interfacing with the sensors, and an energy source, usually a battery or an embedded form of energy harvesting. Size and cost constraints on sensor nodes result in corresponding constraints on resources such as energy, memory, computational speed and communications bandwidth. The topology of a WSN can vary from a simple star network to an advanced multi-hop wireless mesh network. WSNs are a key technology for various applications that involve long-term and low-cost monitoring, such as battlefield reconnaissance, building inspection, security surveillance, etc. In most WSNs, the battery is the sole energy source of the sensor node. Sensor nodes are expected to work on batteries for several months to a few years without replenishing.
Mobile sinks (MSs) are vital in many wireless sensor network (WSN) applications for efficient data accumulation, localized sensor reprogramming, and for distinguishing and revoking compromised sensors. However, in sensor networks that use the existing key predistribution schemes for pairwise key establishment and authentication between sensor nodes and mobile sinks, the employment of mobile sinks for data collection raises a new security challenge: in the basic probabilistic and q-composite key predistribution schemes, an attacker can easily obtain a large number of keys by capturing a small fraction of nodes, and hence can gain control of the network by deploying a replicated mobile sink preloaded with some compromised keys. This article describes a three-tier general framework that permits the use of any pairwise key predistribution scheme as its basic component. The new framework requires two separate key pools, one for the mobile sink to access the network, and one for pairwise key establishment between the sensors. To further reduce the damage caused by stationary access node replication attacks, the authors have strengthened the authentication mechanism between the sensor and the stationary access node in the proposed framework. Through detailed analysis, the authors show that their security framework has a higher network resilience to a mobile sink replication attack than the polynomial pool-based scheme.
When the sensing field is too far from the base station, transmitting the data over long distances using multihop may weaken the security strength (e.g., an intermediate node may modify the data passing through it, or an attacker may capture sensor nodes or launch a wormhole, sybil, selective forwarding, or sinkhole attack) and increase the energy consumption at nodes near the base station, reducing the lifetime of the network.
In this paper, the authors proposed a general three-tier security framework for authentication and pairwise key establishment between mobile sinks and sensor nodes. The proposed scheme, based on the polynomial pool-based key predistribution scheme, substantially improved network resilience to mobile sink replication attacks compared to the single polynomial pool-based key predistribution approach. Using two separate key pools and having few stationary access nodes carrying polynomials from the mobile pool in the network may hinder an attacker from gathering sensor data by deploying a replicated mobile sink.
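The two-pool arrangement described above can be sketched with symmetric bivariate polynomials, the building block of polynomial pool-based key predistribution. This is an added example, not code from the paper or the original post; the field size, degree, node ids and pool labels (M0, S2, ...) are constructed, and Python's `random` stands in for a proper key generator.

```python
import random

Q = 2**31 - 1  # prime modulus (assumed field size for this sketch)
T = 3          # polynomial degree; a coalition of up to T shares learns no other key

def symmetric_poly(rng, t=T):
    """Random coefficient matrix with a[i][j] == a[j][i], so f(x, y) == f(y, x)."""
    a = [[0] * (t + 1) for _ in range(t + 1)]
    for i in range(t + 1):
        for j in range(i, t + 1):
            a[i][j] = a[j][i] = rng.randrange(Q)
    return a

def share(poly, node_id):
    """Coefficients of g(y) = f(node_id, y), the share preloaded on one node."""
    return [sum(row[j] * pow(node_id, i, Q) for i, row in enumerate(poly)) % Q
            for j in range(len(poly))]

def pair_key(g, peer_id):
    """Evaluate the stored share at the peer's id, giving f(own_id, peer_id)."""
    return sum(c * pow(peer_id, j, Q) for j, c in enumerate(g)) % Q

def preload(pool, node_id, poly_ids):
    """Key ring {polynomial id: share} for the pool entries assigned to a node."""
    return {p: share(pool[p], node_id) for p in poly_ids}

def establish(ring_a, id_a, ring_b, id_b):
    """Keys each side derives from a common polynomial, or None if none is shared."""
    common = sorted(set(ring_a) & set(ring_b))
    if not common:
        return None
    p = common[0]
    return pair_key(ring_a[p], id_b), pair_key(ring_b[p], id_a)

def demo(seed=1):
    rng = random.Random(seed)  # constructed demo randomness, not for real keys
    mobile_pool = {f"M{k}": symmetric_poly(rng) for k in range(4)}
    static_pool = {f"S{k}": symmetric_poly(rng) for k in range(4)}
    sink = preload(mobile_pool, 900, ["M0", "M1"])            # mobile sink
    access = {**preload(mobile_pool, 17, ["M1"]),             # stationary access node
              **preload(static_pool, 17, ["S2"])}
    sensor = preload(static_pool, 42, ["S2", "S3"])           # ordinary sensor
    return {"sink_access": establish(sink, 900, access, 17),
            "access_sensor": establish(access, 17, sensor, 42),
            "sink_sensor": establish(sink, 900, sensor, 42)}
```

The ordinary sensor holds no mobile-pool share, so `sink_sensor` is `None`: material taken from captured sensors gives no key for the sink-facing tier, which only the few stationary access nodes carry.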