vampire attack

56
Page 1 CHAPTER 1 PREAMBLE 1.1 Introduction Wireless Sensor Network (WSN) consists of spatially distributed autonomous sensors to co-operatively monitor physical or environmental conditions such as temperature, sound, vibration, pressure, motion or pollutants. As WSNs have widely being used due to their breadth of applications by military, exploration teams, researchers and so on, it is very much necessary to provide security for the data against intruders. Preventing hacking of data in Wireless Sensor Networks from intruders or attackers can be accomplished by key management where the technique reduces the number of malicious links and further security of data can be given by encrypting the data so that attacker fails to get the original plain text. Key management technique for a secure application in Wireless Sensor Network must minimally incorporate the following features. Authenticity: The key establishment technique should guarantee that the communication nodes in the network have a way for verifying the authenticity of the other nodes involved in a communication, i.e., the receiver node should recognize the assigned ID of the sender node. Confidentiality: key management technique should control the un-authorized links to the nodes. Integrity: Integrity means no data falsification during transmissions. Here in terms of key establishment techniques, the meanings are explained as - only the nodes in the network should have access to the keys and this would effectively prevent unauthorized nodes from obtaining knowledge about the keys used, also preclude updates from external sources. Scalability: Efficiency demands that sensor networks utilize a scalable key establishment technique to allow for the variations in size typical of such a network. Key establishment techniques employed should provide high- security features for small networks, but also maintain these characteristics when applied to larger ones.

Upload: maregowda-r-byalachinta

Post on 10-Feb-2017

89 views

Category:

Engineering


3 download

TRANSCRIPT

Page 1: Vampire attack

Page 1

CHAPTER 1

PREAMBLE

1.1 Introduction

Wireless Sensor Network (WSN) consists of spatially distributed autonomous sensors

to co-operatively monitor physical or environmental conditions such as temperature,

sound, vibration, pressure, motion or pollutants.

As WSNs have widely being used due to their breadth of applications by

military, exploration teams, researchers and so on, it is very much necessary to

provide security for the data against intruders.

Preventing hacking of data in Wireless Sensor Networks from intruders or

attackers can be accomplished by key management where the technique reduces the

number of malicious links and further security of data can be given by encrypting the

data so that attacker fails to get the original plain text.

Key management technique for a secure application in Wireless Sensor

Network must minimally incorporate the following features.

• Authenticity: The key establishment technique should guarantee that the

communication nodes in the network have a way for verifying the authenticity

of the other nodes involved in a communication, i.e., the receiver node should

recognize the assigned ID of the sender node.

• Confidentiality: key management technique should control the un-authorized

links to the nodes.

• Integrity: Integrity means no data falsification during transmissions. Here in

terms of key establishment techniques, the meanings are explained as - only

the nodes in the network should have access to the keys and this would

effectively prevent unauthorized nodes from obtaining knowledge about the

keys used, also preclude updates from external sources.

• Scalability: Efficiency demands that sensor networks utilize a scalable key

establishment technique to allow for the variations in size typical of such a

network. Key establishment techniques employed should provide high-

security features for small networks, but also maintain these characteristics

when applied to larger ones.

Page 2: Vampire attack

Page 2

• Flexibility: Key establishment techniques should be able to function well in

any kind of environments and support dynamic deployment of nodes, i.e., a

key establishment technique should be useful in multiple applications and

allow for adding nodes at any time.

• Memory: Memory availability of sensor nodes is usually 6-8 Kbps, half of

which is occupied by a typical sensor network operating system, like TinyOS.

Key establishment techniques must use the remaining limited storage space

efficiently by storing keys in memory, buffering stored messages, etc.

• Prior Deployment Knowledge: As the nodes in sensor networks are deployed

randomly and dynamically, it is not possible to maintain knowledge of every

placement. A key establishment technique should not, therefore, be aware of

where nodes are deployed when initializing keys in the network. Another

important method by which the data in Wireless Sensor Networks could be

secured by encryption techniques where in the original message or plain text is

converted to another (non readable) form so that when its hacked by intruder it

becomes difficult to get back the original plaintext. Some of the features that

the encryption technique should incorporate are as follows

• Confidentiality: Confidentiality ensures that the exchanged data is kept secret

from any unauthorized entities over the network.

• Integrity: Integrityimplies that the message should be un-altered during its

transmission from a source to destination by any intermediate sensor or

malicious node.

• Authentication:It the process of identification that a receiving entity is sure

that the message it receives comes from a legitimate source.

1.2 Organization of Report

With this brief introduction, next Chapter 2 covers with Literature Survey, where all

the findings and observation, which is conducted as feasibility study before the actual

development of the project and finally concludes with the gaps that were found in the

study. Chapter 3 deals with the problem statement, which is going to be addressed in

this project work and also state the solution strategy. Chapter 4 deals with basics of

Wireless Sensor Network. Chapter 5 deals with regard tosecurity in Wireless Sensor

Networks, where it defines and describes some of the concepts of Key management

technique and also some schemes of encryption. Chapter 6 deals with system design

Page 3: Vampire attack

Page 3

where the entire flow of the project is represented by professional flow charts.

Chapter 7 deals with implementation where the steps involved in the creation of the

project work are discussed. It is defined with the assistant of code explanation for the

ease of reader. Chapter 8 mainly deals with the graphical user interface of the project

to show the output of the application. Further, by presenting the conclusion of the

work and the directions for future work are described in chapter 9.

Page 4: Vampire attack

Page 4

CHAPTER 2

LITERATURE REVIEW

The study of JinatRehana[1] on security of wireless sensor network discusses the

security problems of WSN based on its resource restricted design and deployment

characteristics and the security requirements for designing a secure WSN. Also, his

study documents the well-known attacks at the different layers of WSN and some

counter measures against those attacks. Finally, he discusses on some defensive

measures of WSN giving focus on the key management, link layer and routing

security.

A full approach for intrusion detection in wireless sensor network proposed by

Andreas A.Strikos[ 2] discusses the major threats that WSNs have to deal with when

WSN is used in some critical applications like defense, area monitoring etc.

Additionally he has mentioned existing countermeasures to deal with threats that arise

in WSN, but he focuses on intrusion detection where he combined the existing IDS

approaches and proposes the steps to build IDS for WSNs.

Wenliang Du, Jing Deng, Yunghsiang S. Han, Shigang Chen, and Pramod

K. Varshney[3] propose a key management scheme for wireless sensor networks

using deployment knowledge where a novel random key pre-distribution scheme that

exploits deployment knowledge and avoids unnecessary key assignments. Further it

has been proved the performance (including connectivity, memory usage, and

network resilience against node capture) of sensor networks can be substantially

improved with the use of their proposed scheme and discusses the shortcomings of

Diffie-Hellman and public-key based schemes.

The study made by Wenliang Du, Jing Deng Yunghsiang, S. Han Pramod

and K. Varshney[4] on key management in wireless sensor networks extended

abstract discuss on the properties of sensor nodes, components and its function. They

also discuss the various critical application where the wireless sensor networks are

used and also the security problems that arises in wireless sensor network like

attackers trying to get the information in WSN, trying to add some misleading

information to the original messages, listening to the traffic or impersonate one of the

network nodes. They also discuss the problem of how to distribute keys for secure

communication.

Page 5: Vampire attack

Page 5

Loukaslazos and RadhaPoovendran[5] propose a scheme for SeRLoc:

Robust Localization for wireless sensor networks where a novel range-independent

localization algorithm called SeRLoc that is well suited to a resource constrained

environment such as a WSN is proposed. SeRLoc is a distributed algorithm based on

a two-tier network architecture that allows sensors to passively determine their

location without interacting with other sensors. They show that SeRLoc is robust

against known attacks on WSNs such as the wormhole attack, the Sybil attack, and

compromise of network entitiesand analytically compute the probability of success for

each attack. They also compare the performance of SeRLoc with state-of-the-art

range-independent localization schemes and show that SeRLoc has better

performance.

DebarghAcharya and Vijay Kumar [6] propose a scheme for location aware

pair-wise key generation for wireless sensor networks where in they investigate the

key distribution problem in large wireless sensor networks and present one of two

secure communication schemes. Unlike others, their schemes do not store a key chain

in the memory from a universal key space and eliminate key broadcast. They have

made the key generation phase relatively more secured with the use of location

information. Authentication of sensor nodes is also an important issue and has been

taken into consideration in there schemes. Simulation of their schemes illustrate that

they outperform some existing key schemes and incurs less transmission and storage

cost.

A key management scheme in distributed sensor networks using attack

probabilities proposed by Siu-Ping Chan, RadhaPoovendran and Ming-Ting

Sun[7]make use of the a priori probability to design a variant of random key pre-

distribution method that improves the resilience and hence the fraction of

compromised communications compared to seminal works. They further relate the

key ring size of the subgroup node to the probability of node compromise, and design

an effective scalable security mechanism that increases the resilience to the attacks for

the sensor subgroups. Simulation results show that by using their scheme, the

performance can be substantially improved in the sensor network (including the

resilience and the fraction of compromised communications) that only sacrifices a

small extent in the probability of a shared key exists between two nodes, compared to

those of the prior results.

Page 6: Vampire attack

Page 6

A study on evaluation of overheads in security mechanisms in wireless sensor

networks by Tanveer Zia, Albert Zomaya and NedalAbabneh [8] reveals some of

the applications of wireless sensor networks to collect real time and event driven data.

In this study they have discussed three recently introduced security mechanisms (1)

TinySec (2) MiniSec and (3) TripleKeys. They have studied these security

mechanisms in terms of packet overheads and compared the packet transmission time,

average latency and energy consumption and the comparisions made by them shows

that the packet overheads in TripleKeys are lesser compared to other two schemes.

They have then used the 38 bytes packet size of TripleKeys for further analysis and

calculated the packet delivery ratio, latency and energy consumption. They have

observed that packet delivery ratio decreases when they increase the number of nodes

while latency and energy increases.

The study of secure wireless sensor networks: problems and solutions made

byFei Hu, Jim Ziobro, Jason Tillett and Neeraj K. Sharma [9]analyzes security

challenges in wireless sensor networks and summarizes key issues that should be

solved for achieving the ad hoc security. They give an overview of the current state of

solutions on such key issues as secure routing, prevention of denial-of-service and key

management service and also present some secure methods to achieve security in

wireless sensor networks. Finally they present integrated approach to securing sensor

networks.

S. Padma Priya and Mr. JayaramPradhan [10] propose a scheme foran

efficient security framework for detection and isolation of attackers in low rate

wireless personal area networks where they provide an efficient scheme for provide

an Efficient Security Framework (ESF) that protects both routing and data forwarding

operations. Their framework involves (i) Detection of malicious nodes by the

modified AODV protocol. (ii) Isolation of malicious nodes by using Multi-Signature

based tickets. Through by both analysis and simulation results, they demonstrate the

effectiveness of the framework in a highly mobile and hostile environment.

2.1 Gaps / Further enhancement found in the literature

survey

After reviewing several literatures, in WSN area, it has been noticed that (1) There is

limited research work done on key management scheme which takes the location of

sensor nodes into consideration while deciding the keys to be deployed on each node.

Page 7: Vampire attack

Page 7

(2) Combining of encryption with key management for securing data in Wireless

Sensor Network.

Page 8: Vampire attack

Page 8

CHAPTER 3

PROBLEM DEFINATION

3.1 Problem Statement

Since wireless sensor networks have been evolved, its major application find in the

field of military where securing the data from intruders or attackers is one of the most

important issues

3.2 Objectives of Project

The main objectives of the project work are as followings:

• To reduce the malicious links from attackers to the sensor nodes in WSN and

thus by providing secure communication link between nodes.

• To prevent the data from hacking by intruders/attackers.

3.3 Solution Strategy

Solution to the above problem is developing a key management system to secure

communication link between the nodes in Wireless Sensor Network by reducing the

attempt of attackers to establish malicious links to the sensor nodes and further

security for the data is provided by encryption schemes.

Fig 3.1 Problem domain and proposed solution

Wireless

SensorNetwork

To prevent malicious link and

to protect data.

Key management scheme to prevent malicious links and

encryption to protect data

Challenging

Issues

Solution

Strategy

Page 9: Vampire attack

Page 9

Chapter 4

Wireless Sensor Networks

Recent advances in MicroElectroMechanical systems(MEMS) technology, wireless

communications, and digital electronics have enabled the development of low-cost,

low-power, multifunctional sensor nodes that are small in size and communicate

untethered in short distances. These tiny sensor nodes, which consist of sensing, data

processing, and communicating components, leverage the idea of sensor networks

based on collaborative effort of a large number of nodes. Sensor networks represent a

significant improvement over traditional sensors, which are deployed in the following

two ways:

• Sensors can be positioned far from the actual phenomenon, i.e., something

known by sense perception. In this approach, large sensors that use some

complex techniques to distinguish the targets from environmental noise are

required.

• Several sensors that perform only sensing can be deployed. The position of the

sensors and communications topology is carefully engineered. They transmit

time series of the sensed phenomenon to the central nodes where computations

are performed and data are fused.

A sensor network is composed of a large number of sensor nodes, which are

densely deployed either inside the phenomenon or very close to it. The position of

sensor nodes need not be engineered or pre-determined. This allows random

deployment in inaccessible terrains or disaster relief operations. On the other hand,

this also means that sensor network protocols and algorithms must possess self-

organizing capabilities. Another unique feature of sensor networks is the cooperative

effort of sensor nodes. Sensor nodes are fitted with an on-board processor. Instead of

sending the raw data to the nodes responsible for the fusion, sensor nodes use their

processing abilities to locally carry out simple computations and transmit only the

required and partially processed data.

The above described features ensure a wide range of applications for sensor

networks. Some of the application areas are health, military, and security. For

example, the physiological data about a patient can be monitored remotely by a

doctor. While this is more convenient for the patient, it also allows the doctor to better

Page 10: Vampire attack

Page 10

understand the patient’s current condition. Sensor networks can also be used to detect

foreign chemical agents in theair andthe water. They can help to identify the type,

concentration, and location of pollutants. In essence, sensor networks will provide the

end user with intelligence and a better understanding of the environment.

Realization of these and other sensor network applications require wireless ad

hoc networking techniques. Although many protocols and algorithms have been

proposed for traditional wireless ad hoc networks, they are not well suited for the

unique features and application requirements of sensor networks. To illustrate this

point, the differences between sensor networks and ad hoc networks are outlined

below:

• The number of sensor nodes in a sensor network can be several orders of

magnitude higher than the nodes in an ad hoc network.

• Sensor nodes are densely deployed.

• Sensor nodes are prone to failures.

• The topology of a sensor network changes very frequently.

• Sensor nodes mainly use broadcast communication paradigm whereas most ad

hoc networks are based on point-to-point communications.

• Sensor nodes are limited in power, computational capacities, and memory.

• Sensor nodes may not have global identification (ID) because of the large

amount of overhead and large number of sensors.

4.1Sensor Networks Applications

Sensor networks may consist of many differenttypes of sensors such as seismic, low

sampling ratemagnetic, thermal, visual, infrared, and acoustic andradar, which are

able to monitor a wide variety ofambient conditions that include the following:

• temperature,

• humidity,

• vehicular movement,

• lightning condition,

• pressure,

• soil makeup,

• noise levels,

• the presence or absence of certain kinds of objects,

Page 11: Vampire attack

Page 11

• mechanical stress levels on attached objects, and

• the current characteristics such as speed, direction, and size of an object.

Sensor nodes can be used for continuous sensing, event detection, event ID,

location sensing,and local control of actuators. The concept ofmicro-sensing and

wireless connection of thesenodes promises many new application areas. Applications

of WSN can be categorized into military, environment, health, home and other

commercial areas. Itis possible to expand this classification with morecategories such

as space exploration, chemicalprocessing and disaster relief.

4.1.1 Military Applications

Wireless sensor networks can be an integral part of military command, control,

communications, computing, intelligence, surveillance, reconnaissance

andtargeting(C4ISRT) systems. The rapid deployment, self-organization and fault

tolerance characteristics of sensor networks make them a very promising sensing

technique for military C4ISRT. Since sensor networks are based on the dense

deployment of disposable and low-cost sensor nodes, destruction of some nodes by

hostile actions does not affect a military operation as much as the destruction of a

traditional sensor, which makes sensor networks concept a better approach for

battlefields. Some of the military applications of sensor networks are monitoring

friendly forces, equipment and ammunition; battlefield surveillance; reconnaissance

of opposing forces and terrain; targeting; battle damage assessment; and nuclear,

biological and chemical (NBC) attack detection and reconnaissance.

Monitoring friendly forces, equipment and ammunition: Leaders and

commanders can constantly monitor the status of friendly troops, the condition and

the availability of the equipment and the ammunition in a battlefield by the use of

sensor networks. Every troop, vehicle, equipment and critical ammunition can be

attached with small sensors that report the status. These reports are gathered in sink

nodes and sent to the troop leaders. The data can also be forwarded to the upper levels

of the command hierarchy while being aggregated with the data from other units at

each level.

Nuclear, biological and chemical attack detection and reconnaissance: In

chemical and biological warfare, being close to ground zero is important for timely

and accurate detection of the agents. Sensor networks deployed in the friendly region

Page 12: Vampire attack

Page 12

and used as a chemical or biological warning system can provide the friendly forces

with critical reaction time, which drops casualties drastically.

4.1.2 Environmental Applications

Some environmental applications of sensor networks include tracking the movements

of birds small animals, and insects; monitoring environmental conditions that affect

crops and livestock; irrigation;macro instrumentsfor large-scale Earth monitoring

and planetary exploration; chemical/biological detection; precision agriculture;

biologcal, Earth, and environmental monitoring in marine, soil, and atmospheric

contexts; forest firedetection; meteorological or geophysical research; flood detection;

bio-complexity mapping of the environment; and pollution study.

Forest fire detection: Since sensor nodes may be strategically, randomly, and densely

deployed in a forest, sensor nodes can relay the exact origin of the fire to the end users

before the fire is spread uncontrollable. Millions of sensor nodes can be deployed and

integrated using radio frequencies/ optical systems. Also, they may be equipped with

effective power scavenging methods, such as solar cells, because the sensors may be

left unattended for months and even years. The sensor nodes will collaborate with

each other to perform distributed sensing and overcome obstacles, such as trees and

rocks, that block wired sensor’s line of sight.

Flood detection: An example of a flood detection is the ALERT system deployed in

the US. Several types of sensors deployed in the ALERT system are rainfall, water

level and weather sensors. These sensors supply information to the centralized

database system in a pre-defined way. Research projects, such as the COUGAR

Device Database Project at Cornell University and the Data Space project at Rutgers,

are investigating distributed approaches in interacting with sensor nodes in the sensor

field to provide snapshot and long-running queries.

4.1.3 Home Applications

Some of the health applications for sensor networks are providing interfaces for the

disabled;integrated patient monitoring; diagnostics; drug administration in hospitals;

monitoring the movements and internal processes of insects or othersmall animals;

telemonitoring of human physiological data; and tracking and monitoring doctorsand

patients inside a hospital.

Page 13: Vampire attack

Page 13

Tracking and monitoring doctors and patientsinside a hospital: Each patient

has small and lightweight sensor nodes attached to them. Each sensor node has its

specific task. For example, one sensornode may be detecting the heart rate while

another is detecting the blood pressure. Doctors may alsocarry a sensor node, which

allows other doctors tolocate them within the hospital. Drug administration in

hospitals: If sensor nodescan be attached to medications, the chance ofgetting and

prescribing the wrong medication topatients can be minimized. Because, patients

willhave sensor nodes that identify their allergies andrequired

medications.Computerized systems asdescribed in have shown that they can

helpminimize adverse drug events.

4.1.4Health Applications

Home automation: As technology advances,smart sensor nodes and actuators can be

buried inappliances, such as vacuum cleaners, micro-wave ovens, refrigerators, and

VCRs. These sensornodes inside the domestic devices can interact witheach other

andwith the external network via theInternet or Satellite. They allow end users

tomanage home devices locally and remotely moreeasily.

4.1.5 Other Commercial Applications

Some of the commercial applications are monitoring material fatigue; building virtual

keyboards; managing inventory; monitoring product quality; constructing smart office

spaces; environmental control in office buildings; robot control and guidance in

automatic manufacturing environments; interactive toys; interactive museums; factory

process control and automation; monitoring disaster area; smart structures with sensor

nodes embedded inside; machine diagnosis; transportation; factory instrumentation;

local control of actuators; detecting and monitoring car thefts; vehicle tracking and

detection; and instrumentation of semiconductor processing chambers, rotating

machinery, wind tunnels, and anechoic chambers.

Environmental control in office buildings: The air conditioning and heat of

most buildings are centrally controlled. Therefore, the temperature inside a room can

vary by few degrees; one side might be warmer than the other because there is only

one control in the room and the air flow from the central system is not evenly

distributed. A distributed wireless sensor network system can be installed to control

the air flow and temperature in different parts of the room. It is estimated that such

Page 14: Vampire attack

distributed technology can reduce energy consumption by two quadrillion British

Thermal Units (BTUs) in the US, which amounts to saving of $55 billi

reducing 35 million metric tons of carbon emissions.

Detecting and monitoring car thefts: Sensor nodes are being deployed to detect

and identify threats within a geographic region and report these threats to remote end

users by the Internet for analysis.

4.2 Sensor Networks Communication Architecture

The sensor nodes are usually scattered in

these scattered sensor nodes has the capabilities to collect data and route data back to

the sink and the end

multihopinfrastructureless architecture th

may communicate with the task manager node via Internet or Satellite.

Fig 4.1:

The power management plane manages how a sensor node uses its power. For

example, the sensor node may turn o

of its neighbors. This is to avoid getting duplicated messages. Also, when the power

level of the sensor node is low, the sensor node broadcasts to its neighbors that it is

low in power and cannot participate in routing messages. The remaining power is

reserved for sensing. The mobility management plane detects and registers the

movement of sensor nodes, so a route back to the user is always maintained, and the

sensor nodes can keep track of who are their neighbor sensor nodes. By knowing who

the neighbor sensor nodes are

usage. The task management pla

a specific region. Not all sensor nodes in that region are required to perform the

distributed technology can reduce energy consumption by two quadrillion British

Thermal Units (BTUs) in the US, which amounts to saving of $55 billion per year and

reducing 35 million metric tons of carbon emissions.

Detecting and monitoring car thefts: Sensor nodes are being deployed to detect

and identify threats within a geographic region and report these threats to remote end

for analysis.

Networks Communication Architecture

are usually scattered in a sensor field as shown in Fig 4.1

these scattered sensor nodes has the capabilities to collect data and route data back to

users. Data are routed back to the end user by a

multihopinfrastructureless architecture through the sink as shown in Fig.4.1

may communicate with the task manager node via Internet or Satellite.

Fig 4.1: Sensor nodes scattered in a sensor field.

The power management plane manages how a sensor node uses its power. For

example, the sensor node may turn offits receiverafter receiving a message from one

of its neighbors. This is to avoid getting duplicated messages. Also, when the power

sensor node is low, the sensor node broadcasts to its neighbors that it is

low in power and cannot participate in routing messages. The remaining power is

reserved for sensing. The mobility management plane detects and registers the

movement of sensor nodes, so a route back to the user is always maintained, and the

sensor nodes can keep track of who are their neighbor sensor nodes. By knowing who

the neighbor sensor nodes are, the sensor nodes can balance their power and task

usage. The task management plane balances and schedules the sensing tasks given to

fic region. Not all sensor nodes in that region are required to perform the

Page 14

distributed technology can reduce energy consumption by two quadrillion British

on per year and

Detecting and monitoring car thefts: Sensor nodes are being deployed to detect

and identify threats within a geographic region and report these threats to remote end

field as shown in Fig 4.1. Each of

these scattered sensor nodes has the capabilities to collect data and route data back to

users. Data are routed back to the end user by a

rough the sink as shown in Fig.4.1. The sink

The power management plane manages how a sensor node uses its power. For

a message from one

of its neighbors. This is to avoid getting duplicated messages. Also, when the power

sensor node is low, the sensor node broadcasts to its neighbors that it is

low in power and cannot participate in routing messages. The remaining power is

reserved for sensing. The mobility management plane detects and registers the

es, so a route back to the user is always maintained, and the

sensor nodes can keep track of who are their neighbor sensor nodes. By knowing who

, the sensor nodes can balance their power and task

ne balances and schedules the sensing tasks given to

fic region. Not all sensor nodes in that region are required to perform the

Page 15: Vampire attack

sensing task at the same time. As a result, some sensor nodes perform the task more

than the others depending on

These management planes are needed, so that sensor nodes can work together

in a power efficient way, route data in a mobile sensor network, and share resources

between sensor nodes. Without them, each sensor node will just work individ

From the whole sensor network standpoint, it is more e

collaborate with each other, so the lifetime of the sensor netwo

Before discussing the need for the protocol layers and managemen

networks, mapping three existing work to the

Fig 4.2

The so-called WINS is developed in

access is provided to the sen

nodes are in large number,

between sensor nodes to

powerconsumption. The way in which data is routed bac

networks follows the arc

node, detects the environmental data, and

WINS nodes until it reac

sensor nodes A, B, C,D, and E accordi

The WINS gateway communicates with the userthrough conventional network

services, such as theInternet. The protocol stack of a WINS networkconsists of the

application layer, network layer,MAC layer, and physical layer. Also, it is explicitly

pointed out in that a low

sensing task at the same time. As a result, some sensor nodes perform the task more

than the others depending on their power level.

These management planes are needed, so that sensor nodes can work together

cient way, route data in a mobile sensor network, and share resources

between sensor nodes. Without them, each sensor node will just work individ

From the whole sensor network standpoint, it is more efficient if sensor nodes can

collaborate with each other, so the lifetime of the sensor networks can be prolonged.

the need for the protocol layers and management planes in sensor

three existing work to the protocol stack is done as shown in

Fig.4.2. The sensor networks protocol stack.

called WINS is developed in, wheredistributed network and Internet

ided to the sensor nodes, controls, and processors. Since the sensor

nodes are in large number, the WINS networks take advantage of this short

between sensor nodes to provide multihopcommunicationand minimize

. The way in which data is routed back to the user in the WINS

networks follows the architecture specified in Fig 4.1. The sensor node, i.e., aWINS

node, detects the environmental data, and the data is routed hop by hop through the

odes until it reaches the sink, i.e., a WINS gateway. So the WINS nodes are

D, and E according to the architecture in Fig 4.1.

The WINS gateway communicates with the userthrough conventional network

services, such as theInternet. The protocol stack of a WINS networkconsists of the

on layer, network layer,MAC layer, and physical layer. Also, it is explicitly

that a low-power protocol suitethat addresses the constraints of the

Page 15

sensing task at the same time. As a result, some sensor nodes perform the task more

These management planes are needed, so that sensor nodes can work together

cient way, route data in a mobile sensor network, and share resources

between sensor nodes. Without them, each sensor node will just work individually.

cient if sensor nodes can

rks can be prolonged.

t planes in sensor

as shown in

work and Internet

. Since the sensor

he WINS networks take advantage of this short distance

multihopcommunicationand minimize

he user in the WINS

. The sensor node, i.e., aWINS

he data is routed hop by hop through the

the WINS nodes are

The WINS gateway communicates with the userthrough conventional network

services, such as theInternet. The protocol stack of a WINS networkconsists of the

on layer, network layer,MAC layer, and physical layer. Also, it is explicitly

e constraints of the

Page 16: Vampire attack

Page 16

sensor networks should be developed.Different typesof sensornodes deployed alsolead

to different types of sensor networks.

4.3Application Layer

Although many application areas for sensor networks are definedand proposed,

potential application layer protocols for sensor networks remains a largely unexplored

region. There are three possible application layer protocolsi.e., sensormanagement

protocol (SMP), task assignment anddata advertisement protocol (TADAP), and

sensorquery and data dissemination protocol (SQDDP),needed for sensor networks

based on the proposedschemes related to the other layers and sensornetwork

application areas. All of these applicationlayer protocols are open research issues.

4.3.1 Sensor Management Protocol

Designing an application layer management protocol has several advantages. Sensor

networks have many different application areas, and accessing them through networks

such as Internet isaimed in some current projects. An application layer management

protocol makes the hardware and softwaresof the lower layers transparent to the

sensor network management applications.

System administrators interact with sensor networks by using SMP. Unlike

many other networks, sensornetworks consistof nodesthat donot have global IDs, and

they are usually infratructureless. Therefore, SMP needs to access the nodes by using

attribute-based naming and location-based addressing. SMP is a management protocol

that provides the softwareoperations needed to performthe followingadministrative

tasks:

• introducing the rules related to data aggregation, attribute-based naming and

clustering tothe sensor nodes,

• exchanging data related to the location findingalgorithms,

• time synchronization of the sensor nodes,

• moving sensor nodes,

• turning sensor nodes on and off,

• querying the sensor network configuration and the status of nodes, and

configuring the sensor network, and

• Authentication, key distribution and security in data communications.

Page 17: Vampire attack

Page 17

4.3.2 Task Assignment and Data AdvertisementProtocol

Another important operation in the sensor networks is interest dissemination. Users

send theirinterest to a sensor node, a subset of the nodes orwhole network. This

interest may be about a certain attribute of the phenomenon or a triggeringevent.

Another approach is the advertisement ofavailable data in which the sensor nodes

advertise the available data to the users, and the users querythe data which they are

interested in. An application layer protocol that provides the user softwarewith

efficient interfaces for interest disseminationis useful for lower layer operations, such

as routing.

4.3.3 Sensor Query and Data Dissemination Protocol

SQDDP provides user applications with interfaces to issuequeries, respond to

queries and collect incoming replies. Note that these queries are generally not issued

to particular nodes. Instead, attribute-based or location-based naming is preferred. For

instance, ‘‘the locations of the nodes that sense temperature higher than 70 °F’’ is an

attribute-based query. Similarly, ‘‘temperatures read by the nodes in region A’’ is an

example for location-based naming.

Sensor query and tasking language (SQTL) is proposed as an application that

provides evena larger setof services. SQTL supports three types of events, which are

defined by keywords receive, every, and expire. Receive keyword defines events

generated by a sensor node when the sensor node receives a message, every keyword

defines events occurred periodically due to a timer time-out and expire keyword

defines the events occurred when a timer is expired. If a sensor node receives a

message that is intended for it and contains a script, the sensor node then executes the

script. Although SQTL is proposed, different types of SQDDP can be developed for

various applications. The use of SQDDPs may be unique to each application.

4.4 TransportLayer

Transport layer is especially needed when the system is planned to be

accessedthrough Internet or other external networks. However, to the best of the

knowledge there has notbeen any attempt so far to propose a scheme orto discuss the

Page 18: Vampire attack

Page 18

issues related to the transport layerof a sensor network in literature. TCP with

itscurrent transmission window mechanisms doesmatchto the extreme characteristics

of the sensornetwork environment. An approach such as TCP splitting may be needed

to make sensor networks interact with other networks such as Internet. In this

approach, TCP connections are ended at sink nodes, and a special transport layer

protocol can handle the communications between the sink node and sensor nodes. As

a result, the communication between the user and the sink node is by UDP or TCP via

the Internet or Satellite. On the other hand, the communication between the sink and

sensor nodes may be purely by UDP type protocols, because each sensor node has

limited memory.

4.5 Network Layer

Sensor nodes are scattered densely in a fieldeither close to or inside the phenomenon

as shown in Fig 4.1. Special multihop wireless routing protocols between the sensor

nodes and the sink node are needed. The adhoc routing techniques do not usually fit

the requirements of the sensor networks. The networking layer of sensor networks is

usually designed according to the following principles:

• Power efficiency is always an important consideration.

• Sensor networks are mostly data centric.

• Data aggregation is useful only when it does not hinder the collaborative effort

of the sensor nodes.

• An ideal sensor network has attribute-based addressing and location

awareness.

4.6 Data Link Layer

The data link layer is responsible for the multiplexing of data streams, data frame

detection,medium access and error control. It ensures reliable point-to-point and

point-to-multipoint connections in a communication network. In the following two

subsections, we discusssome of the medium access and error control strategies

forsensor networks.

4.6.1 Medium Access Control

The MAC protocol in a wireless multihop self-organizing sensor network must

achieve two goals.The first is the creation of the network infrastructure. Since

Page 19: Vampire attack

Page 19

thousands of sensor nodes aredensely scattered in a sensor field, theMAC schememust

establish communication links for data transfer. This forms the basic infrastructure

needed forwireless communication hop by hop and givesthe sensor network self-

organizing ability. Thesecond objective is to fairly and efficiently

sharecommunication resources between sensor nodes.Traditional MAC schemes can

all be categorizedbased on their resource sharing mechanisms.

4.7 Physical Layer

The physical layer is responsible for frequencyselection, carrier frequency generation,

signal detection, modulation and data encryption. Frequency generation and signal

detection have more to do with the underlyinghardware and transceiver design and

hence arebeyond the scope of this report.

.

Page 20: Vampire attack

Page 20

Chapter 5

SECURITY IN WIRELESS SENSOR NETWORK

Security is a very important issue when designing or deploying any network or

protocol. However the recently developed networks as the wireless ones have not

given the necessary attention to security of data against intruders .

Security to the data in Wireless Sensor Network can be provided in two ways

5.1 Encryption

It is the process of transforming information(message) using an algorithm (called

cipher) and key (secret informatiom) to make it unreadable to any unauthorized

attacker .

5.1.1 Security services

• Confidentiality:Confidentialityensures that the exchanged data is kept secret

from any unauthorized entities over the network. It is usually achieved using

symmetric encryption which is more efficient concerning its consumption of

devices resources..

• Integrity:implies that the message should be un-altered during its transmission

from a source to destination by any intermediate sensor or malicious node. This

is usually done in conventional network using MAC (Message Authentication

Code) or digital signatures.

• Authentication:is the process of identification that a receiving entity is sure

that the message it receives comes from a legitimate source, this is ensured

using Public Key Infrastructure. However in WSN is usually done by pre-

distributing some bootstrapping information used after to authenticate sensors

by the base station.

5.1.2 Types of Encryption algorithms

Page 21: Vampire attack

Page 21

• Symmetric Encryption: It is a type of encryption method where in only one

key is used both for encryption and decryption..The use of single key makes

decryption process a simple reversal of encryption process. Examples for

symmetric encryption include AES, DES etc.

• Asymmetric Encryption: Asymmetric encryption uses two keys for both

encryption and decryption. In the way that any message encrypted with one of

the keys can only be decrypted with the other key. One of the keys is called

private key which is kept secret by it holder, and the second one is publicly

known by each entity in a given community, using these two keys, the

asymmetric encryption technique can ensure both confidentiality, integrity and

authentication. Often the management of generation, distribution, renewal and

publication of these keys is achieved by a trust party called Certificate authority

(CA) which composes what we call public key infrastructure (PKI) which is

recognized as the most efficient and powerful tool to ensure key management

in conventional networks. However PKI is omitted from the use in WSN,

because of its great consumption of energy and bandwidth which are very

crucial in sensor network, and all the most known solution given in literature is

the use of symmetric encryption which is more power saving. Example for

symmetric encryption includes RSA, Eliptic curve etc .

5.2 Key Management

5.2.1 Security Services

• Scalability:. Key management mechanism must support large networks, and

must be flexible against substantial increase in the size of the network even

after deployment,

• Efficiency: storage, processing and communication limitations on sensor

nodes must be considered while key management.,

• Key connectivity (probability of key-share): probability that two (or more)

sensor nodes store the same key or keying material. Enough key connectivity

must be provided for a WSN to perform its intended functionality by key

management.

• Resilience: key management should be effective against node capture.

Compromise of security credentials, information which are stored on a sensor

Page 22: Vampire attack

Page 22

node or exchanged over radio links, should not reveal information about

security of any other links in the WSN.

5.2.2 Key Management techniques

In literature exist several key management schemes trying to solve the problem of

security in WSN by taking into consideration the limitations of sensors (bandwidth and

energy), the majority of them are based on symmetric key encryption and some others

are based on asymmetric encryption:

Symmetric encryption based key management schemes

• Shared key: this solution is the simplest way for securing WSN, it uses a

single shared key to encrypt traffic over the network, and this key may be

periodically updated to ensure more security against eavesdropping. As any

other scheme based on single key, this scheme is vulnerable against capture

attack which is more possible in sensor network, since the capture of only one

sensor can compromise the shared key and then the whole network.

• Pre-distributed keys: these solutions assume the existence of an off-line

dealer which distributes a set of symmetric keys to sensors before their

deployment, for example the authors in [11] proposed a random key pre-

distribution scheme for WSN in which sensor obtains a subset of symmetric

keys from a large key pool. After deployment, each sensor tries to find a shared

key with each of its neighbors to secure the links with them. Other works have

been proposed under on the same idea in [ 12, 13,14] trying to solve the

problem of scalability and the manner of obtaining the session key between

sensors and the base station.

• Tinysec: is a link layer security protocol based on symmetric key encryption,

TinySec [15] supports two different security options: authenticated encryption

(TinySec-AE) and authentication only (TinySec-Auth). The use of MAC layer

security instead of end to end security may avoid denial of service attacks,

however this scheme still vulnerable to lot of attacks as capture attacks. In

Page 23: Vampire attack

Page 23

other hands, this protocol can be used by any other key management scheme as

an underlying tool for encryption.

• SPINS:Perrig and al. proposed SPINS, a suite of security protocols optimized

for sensor networks [16]. SPINS has two secure blocks, namely Secure

Network Encryption Protocol (SNEP) and µTESLA, which can be run over the

TinyOS operating system. SNEP is used to provide confidentiality through

encryption and authentication; while µTESLA is used to provide authentication

for broadcasted data.

• Cluster based protocols: these protocols are based on clustering, which mean

that the whole network is divided into clusters [17,18], then a set of symmetric

keys are used to ensure intra and inter cluster communication as well as

integrity, confidentiality and authentication over each cluster and therefore over

the whole network.

Public key based key management schemes

• Simplified SSL handshake: In [19], the authors give the energy cost analysis

of a simplified version SSL [20] applied to WSN, which reduces the amount of

exchanged data between any pair of nodes to save energy and bandwidth.

in the network as the one in SSL [20].

• TinyPK: The TinyPK system described in [21] is designed specifically to

allow authentication and key agreement between resource constrained sensors.

The protocol is designed to be used in conjunction with other symmetric

encryption based protocols as TinySec [15], in order to deliver secret key to

that underlying protocol. To do this, they implement the Diffie-Hellman key

exchange algorithm.

As said above using a session key between each pair of sensors is not

efficient andit consumes lot of energy and network bandwidth for the setup of

the session key beyond of the energy consumed by the encryption algorithms.

Using this scheme as an end-to-end security mechanism may be energy

efficient however Diffie-Hellman key agreement is very sensitive to man in

the middle attacks which can be easily performed in such situation.

Page 24: Vampire attack

Page 24

• Simplified Kerberos protocol: The authors in [22] proposed an adapted

version of Kerberos for WSN in order to setup a session key between each

communicating pair of sensors by contacting a trusted third party which may

be the base station or a cluster head in a hierarchical network. They assume

that a long term key is shared between each node and the trusted authority

which is responsible of the generation of the secret key for each pair of

sensors.

CHAPTER 6

SYSTEM DESIGN

The purpose of design is to plan the solution for a problem specified by the

requirements document. This phase is the first step in moving from problem domain

to the solution domain. In other words, starting with what is needed, design takes us to

work how to satisfy the needs. The design of the system is perhaps the most critical

factor affecting the quality of the software. System design aims to identify the

modules that should be in the system, the specifications of these modules and

specifies interaction with each other to produce the desired results.

6.1Functional requirements

The proposed system is expected to provide the following functionalities:

• The system should be able to reduce the malicious links from the attacker to

the nodes in the Wireless Sensor Network .

• The system should be able to minimize the hacking of data.

6.2 Non Functional requirements

Following are the non-functional requirements expected from the system

• The system must take into consideration the storage limitations of sensor

nodes for storing keys during key management and encryption schemes.

• System should be available round the clock except the time required for the

backup of data.

• This project work is open for any future modification and hence the work

could be defined as the one of the extensible work.

Page 25: Vampire attack

Page 25

• The system must be easy to use.

6.3 Design requirements

Design goals are used to identify the expected qualities from the system.Most of the

design goals of the system are inferred fromnon-functional requirements and the

application domain will follow the same set of criteria.

Sensor nodes in Wireless Sensor Networks usually suffer from limitation of

memory and battery life of sensor nodes .In order to meet the desired goal, memory of

sensor nodes and its battery or energy lifetime should be considered.So the issues that

need to be considered carefully while designing the system are:

Design issue 1: Constrained Memory Size

Design issue 2: Constrained Computational Capability

Design issue 3: Constrained battery life of sensor node.

6.4 Architecture of the System

The proposed architecture in Fig 6.1 shows different layers where system

initialization is the first layer in which sensor network boundary is initialized, sensor

nodes are deployed in the network boundary and each sensor nodes isassigned with

IDs. The next layer is the key management layer where in Location dependent key

management technique has been designed to reduce the malicious links to the sensor

nodes. In the next layer security to the data is provided by encrypting the data so that

it will be difficult for the attackers to get the original plain text even though some

malicious links have been established. In this layer three encryption systems namely

Domingo-Ferrer, Elliptic Curve Naccache-Stern(EC-NS), Elliptic Curve

ElGamal(EC-EG) has been designed and in the last layer performance of Location

dependent key management system along with these three encryptions are observed

independently.

These layering give us insight on how to decompose the system into

subsystems. In order to reduce the complexity and improve the quality of the system,

decomposing the system into loosely coupled subsystems is one of the known

approaches. The proposed system is decomposed into functional modules which

consists of key management technique and different encryption systems.. This is also

called a pipeline approach. A flow chart model may be used when decomposing a

system into subsystems, next section describes about flow charts.

Page 26: Vampire attack

Page 26

6.5Detailed Design

Detailed design for the proposed system consists of design features of each layer of

the proposed system.

6.5.1 Design of Key management phase

In key management phase Location dependent key management scheme is designed

where this scheme takes the location of sensor nodes into consideration while

deciding the keys to be deployed on each node. As a result, this approach reduces the

number of keys that have to be stored on each sensor node. This approach does not

require any knowledge about the deployment of sensor nodes.

Fig 6.1. Overall Architecture of the proposed system

The implemented scheme starts off with loading a single key on each sensor node

prior to deployment. The actual keys are then derived from this single key once the

sensor nodes are deployed.

Fig 6.2 shows Location dependent key management system. It can be

explained briefly as below.

Generate anchor node and initialize its range. Move the anchor node from

(xmin, ymin) to (xmax, ymax) at each instant with the incremental index so that it covers

entire network boundary. Initialize common key by using random number and

Page 27: Vampire attack

Page 27

transmit it to all nodes including anchor node. Define a set of key pool and check

whether common key is a member of key pool. If it is a member, then define another

key pool or else define a set of key ring from the existing key pool and assign them to

each sensor node. Generate power keys and assign it to anchor node. Encrypt those

power keys with common key using an efficient encryption algorithm. Range of

anchor node defines different power level represented by circles with reference to

anchor node. Draw trajectory to the sensor nods falling in different power levels

andtransmit encrypted keys in anchor node to different power levels based on the

criteria that all the power keys will be transmitted to the sensor nodes which belong to

highestpower level region and one less key to sensor nodes at next region and so on

and move anchor node as per incremental index.. Decrypt the encrypted keys at

sensor

No NN N

Yes

Start

Generate anchor node and set its

range

Define pause

time

Iterate anchor node from

(xmin,ymin) to

(xmax,ymax) of

network

boundary

Provide incremental

index

Initialize common

key(ck)

Transmit key ring to all

nodes

Generate key

pool

Generate power keys and assign

to anchor nodes

Encrypt power keys using ck

Compute radius of each power

level

Divide power levels

Transmit encrypted keys to nodes and move anchor

nodes acording to incremental

index

Draw trajectory for nodes on

different power

levels

Hash with

common keys

Obtain the

derived keys

Attacker generates

random keys

Attacker try to find the

common keys with sensor

nodes

If common keys are above

threshold

Page 28: Vampire attack

Page 28

Yes No

No

Fig 6.2: Location dependent key management system

nodes and hash them along with common key and call it as derived key. Attacker also

generates his own random set of keys and tries to establish the connection with sensor

nodes by finding the number of common keys between them. If the number of

common keys is more than threshold then it establishes the connection with sensor

nodes.

6.5.2 Design of Encryption Phase

In Encryption phase different encryption techniques are used to prevent the attacker

from getting original plain text.

6.5.2.1 Domingo FerrerEncryption algorithm

This is an symmetric encryption algorithm where in the length of plain text and

ciphertext are same. In this algorithm keys k and m are initialized and ciphertext is

calculated by taking mod (k+m, M) where ‘M’ is the original plaintext that needs to

be encrypted.

Is ck member of

key pool

Generate key

ring

Decrypt the keys at each sensor nodes

and add each of these keys with

key ring

Set up communication

link

Stop

Input plaintext

(M)

Start

Initialize k, m

Ciphertext=

mod (k+m,M);

Page 29: Vampire attack

Page 29

Fig 6.3: Domingo-Ferror Encryption algorithm

6.5.2.2 Elliptic Curve ElGamal (EC-EG) Encryptionalgorithm

Elliptical curve Elgamal (EC-EG) encryption is an asymmetric type of encryption

where the length of plain text and ciphertext are different .In this algorithm keys K, E,

P, G, X are initialized. Key Y is calculated by multiplying with keys X and Y.Key R

is calculated by multiplying with keys K and G .Key S is calculated by adding

plaintext with product of keys K and Y and then ciphertextis calculated by taking

matrix of R and S.

Stop

Start

Input plaintext

(M)

Initialize

K,E,P,G,X

Y=X*G

R=K*G

S=M+K*Y

Ciphertext= [ R S]

Stop

Page 30: Vampire attack

Page 30

Fig 6.4: Elliptic Curve ElGamal (EC-EG) Encryption algorithm

6.5.2.3 Elliptic Curve Naccache-Stern (EC-NS) Encryption algorithm

Elliptic Curve Naccache-Stern (EC-NS) algorithm is also an asymmetric type of

encryption algorithm where the length of plaintext is not same as the length of

ciphertext.

In this algorithm keys P, Q, B, Sigma, G and R are initialized. Key N is calculated by

multiplying keys P and Q.Key mu is calculated by taking lcm of keys P+1,Q+1 and

then ciphertext is calculated by taking the product of (M+sigma *R) and G where M

is the original plaintext which need to be encrypted.

Fig 6.5 : Elliptic Curve Naccache-Stern (EC-NS) Encryption algorithm

6.5.3 Security Analysis

Security analysis is done to find the probability of actual data (plaintext) that the

attacker is successful in hacking.

Start

Input plaintext

(M)

Initialize P, Q, B,

Sigma, G, R

N=P*Q

mu = lcm(P+1,Q+1)

C = (M+sigma*r)*G

Stop

Page 31: Vampire attack

Page 31

Attacker after succeeding in getting some of the malicious link to the sensor

nodes, gets the ciphertext from those nodes and tries to decrypt that ciphertext by

assuming the keys that are used in that encryption algorithm.

If the attacker succeeds in breaking the algorithm, he gets the actual data or

else he doesn’t get the data.

CHAPTER 7

IMPLEMENTATION

7.1 Introduction

The implementation phase of any project is the most important phase as it yields the

final solution, which solves the problem at hand. The implementation phase involves

the actual materialization of the ideas, which are expressed in the analysis document

and developed in the design phase. Implementation should be perfect mapping of the

design document in a suitable programming language in order to achieve the

necessary final product. Often the product is ruined due to incorrect programming

language chosen for implementation or unsuitable method of programming. It is better

for the coding phase to be directly linked to the design phase in the sense if the design

is in terms of object oriented terms then implementation should be preferably carried

out in a object oriented way. The factors concerning the programming language and

platform chosen are described in the next couple of sections.

The implementation stage in a system project involves

• Careful planning

• Investigation of the current system and the constraints on

implementation.

• Training of staff in the newly developed system.

Page 32: Vampire attack

Page 32

7.2 Selection of the platform

Windows XP provides the most dependable version of Windows ever with the best

security and privacy featuresWindows has ever provided. Overall, security has been

improved in Windows XP have a safe, secure, and private computing experience.

Windows XP is available in two editions—Windows XP Home Edition for home use,

and Windows XP Professional for businesses of all sizes. Security features in

Windows XP Home Edition make it even safer to shop and browse on the Internet.

Windows XP Home Editioncomes with built-in Internet Connection Firewall software

that provides you with a resilient defense to security threats when you're connected to

the Internet, particularly if you use always-on connections such as cable modems and

DSL. Windows XP Professional includes all of the security capabilities of Windows

XP Home Edition, plus other security management features. These important new

security features will reduce the IT costs and enhance the security of the business

systems. Windows XP Home Edition security services have been designed to be

flexible, and take into account a wide variety of security and privacy situations that

will be facedfor home users. If security model in Microsoft® Windows NT version

4.0 and Microsoft® Windows® 2000 are familiar and well known ,then many of the

security features in Windows XP Home Edition may be witnessed. At the same time

number of familiar features that have changed significantly, along with new features

that will improve the ability to manage system securitycan be witnessed. For example,

ife Internet is used to chat online or to send and receive e-mail, It may be vulnerable

to attacks. To protect from these threats, Windows XP has incorporated enhanced

security features that make online experience even safer. Let's take a look at the

important security and privacy features in Windows XP Home Edition that make the

information more secure while having the most productive Windows user experience

ever. Windows XP Professional includes a number of features that businesses can use

to protect selected files, applications, and other resources. These features include

access control lists (ACLs), security groups, and Group Policy—in addition to the

tools that allow businesses to configure and manage these features. Together they

provide a powerful, yet flexible, access control infrastructure for business networks.

Windows XP offers thousands of security-related settings that can be implemented

individually. The Windows XP operating system also includes predefined security

templates, which businesses can implement without modifications or use as the basis

Page 33: Vampire attack

Page 33

for a more customized security configuration. Businesses can apply these security

templates when they:

• Create a resource, such as a folder or file share, and either accept the default

access.

• Control list settings or implement custom access control list settings.

• Place users in the standard security groups, such as Users, Power Users, and

Administrators, and accept the default ACL settings that apply to those

security groups.

• Use the Basic, Compatible, Secure, and Highly Secure Group Policy templates

that have been provided with the operating system.

Each of the Windows XP security features—ACLS, security groups, and Group

Policy—have default settings that can be modified to suit a particular organization.

Businesses can also make use of relevant tools to implement and modify access

control. Many of these tools, such as the Microsoft Management Console snap-ins,

are components of Windows XP Professional. Other tools are included with the

Windows XP Professional Resource Kit.

7.3 Selection of Language

For the implementation of this project there is a need for flexible systems

implementation language. Compilation should be relatively straightforward. Compiler

should provide low-level access to memory, provide language constructs that map

efficiently to machine instructions and require minimal run-time support. Program

should be compiled for a very wide variety of computer platforms and operating

systems with minimal change to its source code. For Graphical User Interface

programming, language chosen must be simple to uses, secure, architecture neutral

and portable. Additional requirements of GUI are: 1) User interface management:

Windows, menus, toolbars and other presentation components be supported by the

language.2) Data and presentation management: language must contains a rich toolset

for presenting data to the user and manipulating that data. 3) The Editor: The

language should have a editor, a powerful and extensible toolset for building custom

editors. 4) The Wizard framework: A toolset for easily building extensible, user-

friendly Wizards to guide users through more complex tasks. 5) Configuration

management: Rather than tediously writing code to access remote data and manage

Page 34: Vampire attack

Page 34

and save user-configurable settings, etc., all of this is can be well handled by Matlab

Programming Language. Therefore Matlab is chosen for the GUI development.

7.4 Algorithm Description

7.4.1 Location dependent key management system

Location dependent key management system is used to prevent the malicious links by

attackers to the sensor nodes. Algorithm for Location dependent key management

system is given below.

Start

// Number of Sensor nodes

// Area length of sensor boundary

// Area width of sensor boundary

// Maximum range of then sensor node

// power levels for anchor nodes

// maximum radius anchor node

// Threshold for setting up link

// Common Key

Step 1:

Create coordinates for anchor node

Step 2:

Set anchor path so that each part of area is covered

Step 3:

Common key is given to all sensor nodes and anchor node

Step 4:

Generate random number till 10000

Step 5:

Take set of 2000 random numbers and assign as Key pool

Step 6:

If Common key is a member of Key pool

Go to Step 5

Page 35: Vampire attack

Page 35

Else

Continue

Step 7:

Take set of 100 random numbers from step 5, assign as Key ring and

give to each sensor nodes

Step 8:

Generate random number till 90

Step 9:

Generate five random keys from Step 8 and assign as Power keys

Step 10:

Take one by one Power key and encrypt it using Common key

Start

Encrypt (Power key, Common key)

1. Convert Power key to binary and store it in variable A

If mod common key, 7=0

A = [A (end); A (1: end-1)]

End

r =rem(commonkey.length (A))

Encrypted message = [A(r+1: end); A (1: r)]

2. Apply binarytomsg function for encrypted message.

Stop

Step 11:

Divide power levels between 0 and maximum radius to determine the

radius of different power levels

Step 12: Assign each power levels with different colors

1. 1st Power level with white color.

2. 2nd Power level with green color

3. 3rd Power level with blue color

4. 4th Power level with red color

5. 5thPower level with yellow color

Step 13:

Read one by one mobile anchor position and take the readings of the

movement.

Page 36: Vampire attack

Page 36

Step 14:

Draw the trajectory for each node who receives the encrypted Power

keys from anchor node

Step 15:

Each sensor nodes receives the encrypted Power keys by anchor node

based on the Power level to which they fall

If sensor nodes lie in the region of 1st Power level

Transmit all five encrypted Power keys to that node

Else If sensor nodes lie in the region of 2nd Power level

Transmit four encrypted Power keys to that node

Else If sensor nodes lie in the region of 3rd Power level

Transmit three encrypted Power keys to that node

Else If sensor nodes lie in the region of 4th Power level

Transmit two encrypted Power keys to that node

Else if sensor nodes lie in the region of 5th Power level

Transmit only one encrypted Power keys to that node

Step 16:

Decrypt the encrypted Power keys using common key

Step 17:

Perform hashing on Power key

Start

K= key hashing (power keys)

L= length(power keys)

// multi = 1

// sum1 = 0

For i=1: L

multi=power key{i}*multi

sum1 = sum1 + power key{i}

K= (multi-sum1)

Stop

Step 18:

Hashed power keys are appended with original Key ring to get Derived

keys.

Step 19:

Page 37: Vampire attack

Page 37

Distributeattackers in the region

Step 20:

Assume some random keys by attacker

Step 21:

Ifnumber of random keys between the attacker and sensor node

>=Threshold for setting up link

Set up malicious communication link between the two nodes

Else

Do not set up malicious communication link between the two

nodes

Step 22:

Find the probability of setting up communication link by the attacker

Stop

7.4.2 Encryption Algorithms

Encryption algorithms are used to protect data from attackers who have established

malicious link to sensor nods .Three different encryption algorithm have been

discussed below

7.4.2.1 Domingo-ferrer Algorithm

Start

// M=Message

// k

Step 1:

Generate matrix of uniformly distributed random integers

Step 2:

Encrypted Message = mod (k+m,M)

Stop

7.4.2.2 Elliptic Curve Naccache-Stern (EC-NS) Encryption Algorithm

Start

// p, q, b, g, sigma, r

// M= Message.

Step 1:

Page 38: Vampire attack

Page 38

Calculate ‘n’ by multiplying ‘p’ and ‘q’

Step 2:

Encrypted Message = (M+sigma*r)*G;

Stop

7.4.2.3 Elliptic Curve ElGamal (EC-EG) Encryption Algorithm

Start

// e, p, g, x, k.

//M= Message

Step 1:

Calculate’ Y’ by multiplying ‘X’ with ‘G’.

Step 2:

Calculate’ R’ by multiplying ‘K’ with ‘G’

Step 3:

Calculate S = M + k*Y

Step 4:

Encrypted Message = [R S]

Stop

7.4.3 Security Analysis

Security analysis is used to check the probability of hacking of data by attackers so

that we can come to a conclusion of what‘s the probability of securing data in wireless

sensor network? .The steps are shown below

Start

Step 1:

Attacker who has succeeded in establishing the malicious link with the

sensor node tries to decrypt the message.

Step 2:

Page 39: Vampire attack

Page 39

Attacker assumes keys of encryption algorithm.

Step 3:

If he is successful in breaking the encryption algorithm he will get the

original plaintext

else

He will not be successful in getting original plaintext.

Step 4: Calculate the probability of attacker succeeded in getting original

plaintext.

Stop

CHAPTER 8

RESULTS AND ANALYSIS

8.1 Introduction

This chapter presents the results of simulated outputs with respect to probability of

hacking data for Location dependent key management technique,Location dependent

key management techniquewith Domingo-ferrer encryption algorithm, Location

dependent key management techniquewith Elliptic Curve Naccache-Stern (EC-

NS)encryption algorithm,Location dependent key management techniquewith Elliptic

Curve ElGamal (EC-EG) encryption algorithm. The observations are made for

Location dependent key management techniquewith Domingo-ferrer encryption

algorithm, Location dependent key management techniquewith Elliptic Curve

Naccache-Stern (EC-NS)encryption algorithm,Location dependent key management

techniquewith Elliptic Curve ElGamal (EC-EG) encryption algorithm.with respect to

the probability of hacking data by increasing the number of rounds of execution and

finally suggesting the best one .

8.2 Snapshots

Below are some of the snapshots of different phases of the proposed system.

Page 40: Vampire attack

Page 40

Fig 8.1 :Initial window showing the sensor boundary with sensor nods deployed

Fig 8.2: Communication in Sensor network without key management and encryption

Fig 8.2 represents communication in sensor network without key management and encryption

where the attackers succeed in establishing malicious links with all the neighboring

nodes(probability of malicious /compromised links to the neighboring nodes is 1) and as

encryption is not applied to data in sensor nodes all the data in sensor nodes are easily hacked

.

Page 41: Vampire attack

Page 41

Fig 8.3 : A phase of Location dependent key management technique showing position of

anchor node at an instant of time

Fig 8.4: A phase of Location dependent key management technique showing different

power levels

Fig 8.4 shows different power levels where power keys are transmitted to the sensor

nodes based on the power level to which each sensor nodes belongs.

Page 42: Vampire attack

Page 42

Fig 8.5: Location dependent key management technique in Sensor networks

Fig 8.5 represents communication link set up stage where Location dependent key

management technique is used and the number of malicious links to the sensor nodes by

attacker is reduced.

(Probability of malicious/compromised links is 0.31 where the percentage decrease of

malicious link from the scheme where no key management and encryption are used as shown

in Fig 8.2 is nearly 70 %) .

Page 43: Vampire attack

Page 43

Fig8.6: Location dependent key management Scheme along with EC-NS encryption

Fig 8.6 represents communication phase. Attacker is shown by red nodes and the the

number of malicious links of him which are successful in getting data is shown by red

links .As there are no red link none of the data is being hackedand the probability of

hacking data is 0. Percentage of hacking data compared to scheme where no key

management and encryption are used as shown in fig 8.2 is reduced by 100% and

percentage of hacking data from scheme which uses only key management as shown

in Fig 8.5 is reduced by nearly 30%.

Fig 8.7: Location dependent key management Scheme along with EC-EG encryption

Fig 8.7 represents communication phase. Attacker is shown by red nodes and the the

number of malicious links of him which are successful in getting data is shown by red

links .As there are no red link none of the data is being hackedand the probability of

hacking data is 0. Percentage of hacking data compared to scheme where no key

management and encryption are used as shown in fig 8.2 is reduced by 100% and

percentage of hacking data from scheme which uses only key management as shown

in Fig 8.4 is reduced by nearly 30%.

Page 44: Vampire attack

Page 44

Fig 8.8: Location dependent key management Scheme along with Domingo-Ferrer

encryption

Fig 8.8 shows communication phase. Attacker is shown by red nodes and the the

number of malicious links of him which are successful in getting data is shown by red

links .As there are no red link none of the data is being hackedand the probability of

hacking data is 0.013. Percentage of hacking data compared to scheme where no key

management and encryption are used as shown in fig 8.2 is reduced by 99.087% and

percentage of hacking data from scheme which uses only key management as shown

in fig 8.5 is reduced by nearly 29 %.

8.3 Analysis

All proposed strategies have been implemented and compared on Matlab. All the

proposed strategies are analysed for the probability of hacking data/links by

increasing the number of rounds of execution.

Fig 8.9 shows the graph where Location dependent key management with

Domingo ferrerencryption,Location dependent key management with EC-NS and

Location dependent key management wih that EC-EG are compared by running the

algorithms number of times against the probability of hacking data and have found

that Location dependent key management with EC-NS givs better result.

Page 45: Vampire attack

Page 45

Fig 8.9: Graph showing the comparison of location dependent key management with all

the three encryption schemes .

CHAPTER 9

Page 46: Vampire attack

Page 46

CONCLUSION AND FUTURE ENHANSEMENT

9.1 Conclusion Since Wireless Sensor Networks (WSN) has been evolved, they are used in many

critical applications like military and so on . So there is need for securing data in

Wireless Sensor Networks.

In this project work, keeping in mind the major problem of securing data in

Wireless Sensor Networks, a system which is a combination of Key Management

technique along with encryption schemes have been developed. In this project work a

key management schemecalled Location dependent key Management technique

(LDK) for sensor networks along with Domingo ferrer encryption algorithm,Elliptic

CurveNaccache-Stern (EC-NS) Encryption Algorithm,Elliptic Curve ElGamal (EC-

EG) encryption algorithms have been developed. Comparison of these three

encryption system along with Location dependent key management technique has also

been shown.

9.2 Future Enhancement

Due to limitation of time and constraint of resource, the current project work is

restricted to specific functionality only. But in case if such obstruction are conquered,

then the current project work could be extended to following future enhancement.

• The existing project work could be enhanced to design a group key

management scheme for simultaneous multiple groups with overlapped

membership, where the idea is to develop an efficient secure multiple

groupskeymanagement scheme with overlapping membership based on Key-

User Tree structure with following properties. a) Scheme handling multiple

groups simultaneously. b) Group members within a group can communicate

securely. c) Group members of one group can communicate with other group

members securely. This future idea will be expected to accomplish significant

reduction in rekeying cost, storage and scales well in comparison.

• Another feasibility of future modification for the current research work will be

to design a key management technique for static sensor networks so that the

probability of hacking the links still decreases compared to the one that is

proposed.

Page 47: Vampire attack

Page 47

• Another feasibility of future modification for the current research work will be

to design encryption schemes to be stronger than the encryption schemes those

have been proposed.

REFERENCES

Page 48: Vampire attack

Page 48

[1] JinatRehana. “Security in Wireless Sensor Network”. Helsinki University of

Technology, April 2009.

[2] Andreas A. Strikos.” A full approach for Intrusion Detection in Wireless

Sensor Networks”.School of Information and Communication Technology,

KTH Stockholm, Sweden, March 2007.

[3] Wenliang Du, Jing Deng, Yunghsiang S. Han, Shigang Chen, and Pramod

K.”A keymanagement scheme for wireless sensor networks using deployment

knowledge”, April 2004.

[4] Wenliang Du, Jing Deng Yunghsiang, S. Han Pramod and K. Varshney,”key

management in wireless sensor networks extended abstract”, Department of

Electrical Engineering and Computer Science, Syracuse University, Syracuse,

USA.

[5] Loukaslazos and RadhaPoovendran,“SeRLoc: Robust Localization for

Wireless Sensor Networks”,ACM Transactions on Sensor Networks, Vol. 1,

No. 1,pp. 73-100, August2005.

[6] DebarghAcharya and Vijay Kumar,”Location Aware Pair-wise Key

GenerationSchemesfor Wireless Sensor Networks”, SCE, Computer Science,

University of Missouri-Kansas City USA,2004.

[7] Siu-Ping Chan, RadhaPoovendran and Ming-Ting Sun,”A Key Management

Scheme in Distributed Sensor Networks Using Attack

Probabilities”.Department of ElectricalEngineering,University of Washington,

Seattle, Washington, USA,2005.

[8] Tanveer Zia, Albert Zomaya and NedalAbabneh,”Evaluation of overhead in

security mechanism in wireless sensor network” In proceedings

ofInternational Conference on SensoTechnologie andApplications

(SENSORCOMM 2007), October 14-20, 2007, Valencia,Spain.

[9] Fei Hu, Jim Ziobro, Jason Tillett and Neeraj K. Sharma,”Secure Wireless

Sensor Networks Problems and Solutions”,2005.

[10] S. Padma Priya and Mr. JayaramPradhan,” efficient security framework for

detection and isolation of attackers in low rate wireless personal area

network”,IJCSNS International Journal of Computer Science and Network

224 Security, VOL.8 No.7, July 2008.

Page 49: Vampire attack

Page 49

[11] X. Wang, W. Gu, K. Schosek, S. Chellappan, and D. Xuan,”Sensor network

configuration under physical attacks”,Dept. of Computer Science and

Engineering, The Ohio-State University, July 2004.

[12] X. Wang, W. Gu, S. Chellappan, D. Xuan, and T. H. Laii,“Search-based

physical attacks in sensor networks: Modeling and defense”,Dept. of

Computer Science and Engineering, The Ohio-State University, Feb. 2005

[13] C. Hartung, J. Balasalle, and R. Han,“Node compromise in sensor networks:

The need for secure systems”.Department of Computer Science, University of

Colorado at Boulder, 2004.

[14] R. Anderson and M. Kuhn, “Tamper resistance - a cautionary note”,In

proceedings ofThe Second USENIX Workshop on Electronic Commerce, 1996.

[15] R. Anderson and M. Kuhn,”Low cost attacks on tamper resistant devices”, In

proceedings of IWSP: International Workshop on Security Protocols, LNCS,

1997.

[16] O. K¨omerling and M. G. Kuhn,”Design principles for tamperresistant

smartcard processors” In proceedings of USENIX Workshop on

SmartcardTechnology , May 1999.

[17] J. Deng, R. Han, and S. Mishra,"Security, privacy, and fault tolerance in

wireless sensor networks”, Aug. 2005.

[18] N. Sastry, U. Shankar, and D. Wagner,”Secure verification of location

claims.” In proceedings of ACM Workshop on Wireless Security, Sept. 2003.

[19] A.Perrig,J.Stankovic and D.Wagner,”Security in wireless sensor

networks”,Commun. ACM 47(6):53–57, 2004.

[20] L. Hu and D. Evans,”Using directional antennas to prevent wormhole attacks”.

In proceedings of 11th Annual Network and Distributed System Security

Symposium, Feb. 2004.

[21] X. Wang, W. Gu, S. Chellappan, K.Schoseck, and D. Xuan,”Lifetime

optimization of sensor networks under physical attacks”,In proceedings of

IEEEInternationl Conference on Communications, May 2005.

[22] A. Seshadri, A. Perrig, L. van Doorn, and P. Khosla.”Swatt: Software-based

attestation for embedded devices”, In proceedings of IEEE Symposium on

Security and Privacy, May 2004.

Page 50: Vampire attack

Page 50

APPENDIX

1. Code of Location dependentKey Management

1.1 Predeployment phase

Page 51: Vampire attack

Page 51

% Common key

% Common key is given to all sensor nodes and anchor node

K = 1345; % Take any random number

% Original key ring is given to only sensor nodes

P_size=2000; % Size of original key pool

R_size=100; % Size of original key ring

% Define key pool

A=randperm(10000); % Generate random number till 10000

key_pool = A(1:P_size); % Take random numbers

P=key_pool; % Key pool

% Check whether the common key is a member of Key pool?

Kset=0;

whileKset==0

ifismember(K,P)

K = randint(1,1,1000);

else

Kset=1;

end

end

% Generate the original key ring

R=struct;

for i=1:node_num

% Take randomly the set of R

R_idx=randperm(length(key_pool)); R(i).Okey=P(R_idx(1:R_size));

R(i).commonkey=K;

R(i).Dkey = [];

end

1.2 Initialization Phase

% Decide the becons from sensor nodes

% Generate five random keys.

A=randperm(90); % Generate random number till 90

power_keys = A(1:powerlevels); % Take random numbers

% Encrypt the keys using the common key K

Page 52: Vampire attack

Page 52

% Take one by one key and encrypt it

PowerCy_text=cell(1,length(power_keys));

for i=1:length(power_keys)

Pkey=power_keys(i);

Pstr=['P' num2str(Pkey)];

PowerCy_text{i}=encrypt(Pstr,K);

end

% Determine the radius of different powerlevels based on number of

% powerlevels and maximum radius of the anchor node power.

% Divide power levels between 0 and maximum radius

Rp=linspace(0,rad_anchor,powerlevels+1);

% Delete first element which is zero

Rp(1)=[];

% Read one by one mobile anchor position and take the readings of the

% movement. Make the trajectory set of each node who receives the beacon

% from anchor node.

Ai=cell(1,node_num);

nodeids=cell(1,idx-1);

colors = {'w','g','b','r','y'};

for i=1:anchor_num

% Take X position

Ax = anchor_x(i);

% Take Y position

Ay = anchor_y(i);

% Plot network trajectory

plot(node_x,node_y,'.');

hold on

% Plot anchor node

plot(Ax,Ay,'r*')

axis([-rad_anchorwidth+rad_anchor -rad_anchor length1+rad_anchor])

% draw_circle1(Ax,Ay,rad_anchor,'r')

% Calculate nodes which receives the beacon from the anchor node

node_ids=[];

forkk=1:node_num % For all node

Page 53: Vampire attack

Page 53

Nx = node_x(kk);

Ny = node_y(kk);

d= calc_dist([Ax,Ay],[Nx,Ny]);

% if the distance is within range of each power level

for pp = 1 : powerlevels

draw_circle1(Ax,Ay,Rp(pp),colors{pp} )

if d<=Rp(pp)

line([Ax Nx],[Ay Ny],'color','r')

% Calculate Determined key ring

rec_cy=PowerCy_text{pp};

Okey = R(kk).Okey; % Take original keyring of the node

Ck = R(kk).commonkey; % Common key

rand_no=decrypt(rec_cy,Ck); %Decrypt the cypertext using common key

% Remove P charcter and covert to double

rand_no=str2double(rand_no(2:end));

% hashing

fornn= 1:length(Okey)

Hkey(nn) = key_hashing(rand_no,Okey(nn));

end

% Append keys

R(kk).Dkey = [R(kk).DkeyHkey];

node_ids=[node_idskk]

Aids=[Ax; Ay];

Ai{1,kk}=[Ai{1,kk} Aids];

end

end

end

nodeids{1,i}=node_ids;

title('Initialization phase');

hold off

pause(0.0001)

% pause;

End

Page 54: Vampire attack

Page 54

1.3 Attacker trying to set up link

% Distribut attackers in the region

[Ax,Ay]=creatnode(Nattack,length1,width);%· Create coordinates

% Plot attackers

plot(Ax,Ay,'rs','Markerfacecolor','r','markersize',8)

hold on

% Try to set up communication link with other nodes

pause(0.1)

% Plot network trajectory

plot(node_x,node_y,'.');

hold on

comm_link = [];

txt = 'hello';

M = double(txt);

pause(0.1)

count1 =0;

for i=1:Nattack

fprintf('Node %d is trying to set up a link\n',i)

axis([-rad_anchorwidth+rad_anchor -rad_anchor length1+rad_anchor])

title('Communication stage');

Nx1 = Ax(i);

Ny1 = Ay(i);

for j = 1:node_num

Nx2 = node_x(j);

Ny2 = node_y(j);

d= calc_dist([Nx1,Ny1],[Nx2,Ny2]);

if d<2.5 % if the node is within range

forkk = 1:200

Rdkey = round(30000*rand(1,3000));

% Generate some random derived key try to hack the channel

z=intersect(R(j).Dkey,Rdkey);

ck = length(z);

if ck~=0

Page 55: Vampire attack

Page 55

ck

end

ifck>=Nc

ck

% Set up the communication link

line([Nx1 Nx2],[Ny1 Ny2],'color','r')

comm_link = [comm_link;i j];

count1 = count1+1;

fprintf('%d attacker has set up link with node %d\n',i,j)

pause(0.01)

break;

end

end

end

end

end

2. Encryption Phase

2.1 Domingo Ferrer Encryption

M = 1232423;

% r = randi([1,M-1],1);

r = randint(1,1,[1,M-1]);

e1 = mod(k+m,M);

C = mod(m*r,M);

d1 = mod(C/r,M);

mod(e1-k,M);

C = e1;

2.2 Elliptic Curve Naccache-Stern (EC-NS) algorithm

p = 250;

Page 56: Vampire attack

Page 56

q = 450;

n = p*q;

b = 234;

sigma =12345;

G = 35234;

mu = lcm(p+1,q+1);

%% Encryption

% m = [5 7 0 8];

% r = 120;

C = (m+sigma*r)*G;

%% Decrypt

mrec = (C/G)-(sigma*r);

% G_1 = (mu/sigma)*G;

% val = (mu/sigma)*C;

% m = log([val,G_1])

% m = C/G

2.3 Elliptic Curve ElGamal (EC-EG) algorithm

E = 100;

p = 230;

G = 340;

% x = 100;

Y = x*G;

%%

k = 12;

R = k*G;

S = M + k*Y;

C = [R S];

%%

% M = -x*12*G+M+x*k*G

M = -x*R+S;