7/26/2019 WSN_ass

1/15

Introduction

WSN or in other words Wireless sensor Networks are basically a large collection of small

devices each with the capability of sensing, processing and communicating in order to

monitor the real-world environment. A typical sensor node has 4 main parts to it

ower supply

Sensor and analog to digital converter !A"#$

rocessor and storage memory %ransceiver to send and receive data

!&igure '$

%he networks themselves are made up of two different types of configurations as seen below.

!&igure ($

)oth the above pictures show a wide spread geographical area which is divided up into

clusters with a gateway in each of them. %he gateway is the communication hub for all nodes.

*t is the gateway that collects data and forwards it to the user. *n the first picture the nodes are

directly communicating with the gateway in its cluster. *n the second picture the nodes are

chaining in order to communicate with the gateway. %his offers several advantages such as

reduces energy for transmission but on the other hand it increases the energy in processing as

each node receives and forwards messages.

%here are two modes of operation that of continuous operation and +uery mode. *n the first

mode the node is continually sensing the environment and sending data to neighbouring or

the central node. *n the +uery mode it remains on low power ust waiting for a command to

bring it to life from the central or neighbouring node. pon receiving a command it collects

the data, processes it and sends it to the re+uesting node.

(Aboelaze, M and Aloul, F)

7/26/2019 WSN_ass

2/15

%he vision for the future is to use WSN to implement a maor role in society by using a wide

variety of applications from critical military surveillance to forest fires. %hese sensor nodes

will be deployed in large numbers to monitor, process and communicate the information they

have been programmed to do in all kinds of terrain and conditions.

%here is however one small problem in that they have severe resource constraints because oftheir lack of power, limited memory and energy. %he fact is that these nodes will be left

unattended in hostile and remote locations and so security is of the upmost. Security threats

include

Node capture

hysical tampering

/avesdropping

"enial of service attacks ... to name but a few.

As these sensor nodes are resource constrained traditional security mechanisms are notviable. 0esearch has come up with various security schemes which are specially developed

for WSNs. A few protocols have been proposed and these include

!&igure 1$

%he reason why perhaps we haven2t really seen much of these networks around may be due

to several factors !i$ WSN technology can be very e3pensive on large scale systems. !ii$ %hetechnology is limited and unreliable due to the use of low cost and low power radios

operating in highly crowded *S bands. !iii$ *nvestment is viable due to the lack of

applications which are cost effective. !iv$ any applications are still not available which are

ready to use and able to fulfil the functional and non-functional re+uirements. %here is one

system though that is striving to overcome the problems stated above and that is the /5N

system architecture for large-scale, dense, real-time embedded monitoring and provides a

hierarchical middleware and command software.

(Tennina, S. Et all)

How are Wireless Sensor Networks going to benefit us?

%he uses for WSNs are many, let2s take a look at a few of them. Where better to start than in

the home, the place where we look for things to make our lives convenient and comfortable.

7/26/2019 WSN_ass

3/15

*n the home they are able to control almost anything that can be controlled through an

electronic circuit including

6ighting

7eating 8 cooling

Security

/ntertainment

#ooking and so on...

Ne3t we look at health. %his is an area where sensor networks are e3tensive so can e3perience

them in

7ealth monitors for

o 9lucose

o 7eart rate

o #ancer detection....

#hronic diseases

o Artificial retina

o #ochlear implants...

7ospital sensors

o onitor vital signs

o 0ecord anomalies...

*n the defence of our country the military use them to monitor troop movements. %hey can set

up sensors to guard and protect crucial locations and information. %hey could also be used as

spies reporting on enemy movement and so on...

When we move onto industrial and commercial environments we can see them being used to

onitor crop conditions.

*nventory tracking.

*n process parts tracking.

Automated problem reporting

0&"* theft deterrent and customer tracing

lant e+uipment maintenance monitoring...

Another use could be for traffic management and monitoring.

&uture cars could use wireless sensors to

o 7andle accidents

o 7andle thefts

Sensors embedded into the roads could

o onitor traffic flow

o rovide real time updates

*t doesn2t matter where we go or what we do wireless sensors can and do help us in one way

or another.

(Wayne)

7/26/2019 WSN_ass

4/15

*n this piece of work the intention is to look at the security issue relating to WS. As *

mentioned above WSNs must be secured against intruders who wish to obstruct the delivery

or forge the sensor data. 5ne way that has been implemented to secure the data is by

integrating end-to-end data integrity checksums and post-processing of sensor data used to

identify forged data. As this is a wireless technology it is e3posed to wireless hacking threats

such as eavesdropping, unauthorised access, spoofing, replay, and denial of service !"oS$

attacks. *f that weren2t enough the sensors themselves are limited to the degree of encryption,decryption, and authentication due to resource constraints. #ommon security mechanisms

such as computation-intensive public-key cryptography are +uestionable.

Another maor risk is physical risk where by an intruder could easily be captured and

subected to attacks. Such attacks could result in advertising false routing information, and

launching of a "oS attack from within the sensor network. "evelopers are working on

designs so as to design a intrusion-tolerant WSN whereby a single compromised node will

only disrupt a small portion of the network without bringing the whole of the network down.

%his re+uires protection against two classes of attack, "oS type and routing disruption.

*n a more conventional network for secure routing message integrity, authentication, and

confidentiality are handled at a higher layer by end-to-end security mechanisms including

SS6 and SS7. &or the routers they need not see the content of the data packets or indeed have

access to the content of the data packets. 7owever, the same is not true for sensor networks

because the intermediate nodes need direct access to the contents of the data. As a result

much more is needed from the protocols used and they must be designed with this in mind.

So what are the requirements for security in WSNs?

As * have mentioned there are several threats to WSNs and at the same time there are uni+uecharacteristics. So with that security measures have to be thought out meticulously. 6et2s now

look at some of the security re+uirements needed.

!i$Data confidentiality %his means that the messages being send over the network should

only be understood by the intended recipient. *n order to achieve this

%he sensor node should not allow access to anyone who is unauthorised to do so.

:ey distribution mechanism should be robust.

!ii$Data integrity %he mechanism must certify that no messages can be tampered with as it

crosses the network.!iii$Availability Services should always be available even during attacks.

!iv$ Data fresness %his refers to the data being recent and no adversary can replay old

messages.

!v$ Self!organization *n other words each and every node in the WSN should be able to

organi;e and heal itself. Nodes in the WSN must organise among themselves multi

7/26/2019 WSN_ass

5/15

!viii$Autentication *t has to be made very clear that the communicating node is the node it

claims to be to safe guard against the modification and fabrication of data packets.

What are the vulnerabilities?

Although there are many types of attacks they generally fall into three categories.

!i$Attac#s on net$or# availability %hese are commonly known as "oS attacks.

!ii$Attac#s on secrecy and autentication %hese types of attacks such as spoofing of packets,packet replay, modification of packets, and eavesdropping are defended against by the use of

standard cryptographic techni+ues.

!iii$ Stealty attac# against service integrity %his relate to an attacker inecting false data

values and forcing the network to accept them.

(%baidat and Misra)

DoS Attacks

%here are many "oS attacks and can be aimed at different layers of the 5S* solet2s take a

look at the types of "oS attacks mapped out to the 5S* model.

hysical !ayer

Sensor networks communicate via wireless communication on an ad-hoc network on a large

scale. %his makes any other form of communication impractical.

"amming

%his is one of the better known attacks and is simple and effective. *t interferes with the radio

fre+uencies being used disrupting the whole network putting nodes out of action.

Nodes are able to tell the difference between amming and failure of its neighbours through

the constant energy and lack of response impedes communication. %he normal defence

against this is to use various forms of the spread-spectrum. *t2s difficult for ammers to follow

the hopping se+uence or to even am a wide area of the fre+uency band.

!&igure 4$

7/26/2019 WSN_ass

6/15

!&igure =$

*n figure ' it shows us that nodes should communicate and ma3imi;e the successful delivery

of messages. %his is achieved by switching to a prioriti;es transmission scheme to minimi;ecollisions. And also nodes can buffer high-priority messages indefinitely relaying the

message again and again when there is a gap due to amming.

*n figure ( the nodes are surrounding the affected region to map and report the "oS attack

boundary to a base station. #loser nodes to the attack can detect the higher than normal

background noise and report it to nodes outside the attack region.

#am$ering

*t is unrealistic to e3pect access to hundreds of nodes over a several kilometres. %hese nodes

are susceptible to attackers who can inflict total destruction, damage or even replace sensors

and hardware to e3tract sensitive data such as cryptographic keys to gain higher access of

communication. Such defences include automatic erasing of cryptographic or program

memory or camouflaging then to conceal them out of sight.

!ink !ayer

%he A# layer allows neighbours to communicate and rely on carrier sense to detect other

nodes transmitting which is vulnerable to "oS attacks.

%ollision

*t only takes a collision in one octet to disrupt an entire packet. A checksum mismatch

causing a corrupted A#: control message could provoke e3ponential back-off.

>ariable levels of corruption in messages are checked by error-correction codes which are

fle3ible. %he network can use collision detection to weed out malicious collisions creating a

link layer amming. Although it can do this no real solution to this problem is effective.

&'haustion

A native link layer implementation may attempt retransmission repeatedly. %his is an active"oS attack and could lead to the e3haustion of battery resources in nearby nodes. %ime

divisional multiple3ing gives each node a time slot for transmission but is still at risk to

collisions. A typical "oS attack would be an interrogation attack. 7ere one node would

7/26/2019 WSN_ass

7/15

continually send 0e+uest %o Send, #lear %o Send messages to reserve channel access.

#onstant transmission would deplete the energy resources of both nodes. 5ne form of

defence here is the A# admission control rate limiting. %his tells the network to ignore

e3cessive re+uests and thus protects against battery energy loss.

(nfairness

%his is relating to the cooperative A#-layer priority scheme whereby attacks e3ploit thisscheme causing unfairness. *t could avert legitimate access to the channel or degrade the

service by causing users to miss their real-time A# protocol deadlines.

%he use of small frames is a defence against this attack as it enables the node to capture the

channel for a short time. %he attacker can still gain control when trying to get access by

responding +uickly while others delay randomly.

Network and )outing !ayer

As messages progress by many hops to their destination the aggregate network cost of

replaying a packet increases. %here is also a probability that the packet could be dropped or

misdirected on the way.

)ecause of the absence of routers in the network the nodes will become routers themselves

routing all traffic flowing through them. %his in itself creates a vulnerability. rotocol have to

be simple but robust enough to deal with failures which occur many hops away from the

source.

Neglect and greed

%his form of "oS attack is known as node-as-router vulnerability. %he problem is that

messages can be neglected with regard to routing. %he captured node still participates in low

level protocol and even acknowledges reception of data but it can drop messages randomly

being neglectful. *t is also greedy in the fact that it gives higher priority to its own messages.

As a result of its greediness traffic will be degraded or even blocked from the region to the

base station.

%he use of multiple routing paths or sending redundant messages has an effect on this attack

by reducing it. )ut finding a greedy node is not easy so prevention is better than detection.

Homing

*n a WSN network nodes are given responsibilities. 5ne node could act as coordinator while

another could serve as cryptographic key managers. %hese nodes attract much attention

because they are the nodes with crucial information and critical services to the network.

)ecause they rely on geographic forwarding it e3poses them to homing attacks.

*n order to find these nodes the attacker will be passive observing the traffic to find the

location of critical nodes. 5nce found the nodes are then open to being attacked by

collaborators or mobile adversaries using other means.

A defence against this is if all the neighbours were using cryptographic keys then at each hop

the headers could be encrypted. As a result this would hide the location or the source and

7/26/2019 WSN_ass

8/15

destination of the messages. 5f course this will only work if the nodes themselves have not

been hiacked and the decryption keys are valid.

*isdirection

%his is where messages are misguided by fabricated of malicious route advertisements. %his

is another "oS attack which is aimed at the sender getting it to send the message away from

its intended destination. *f the attacker can misdirect a lot of traffic flow in one direction itcan target an random victim. %his is similar to a smurf attack where the attacker forges the

victim2s address as the source of many broadcast *nternet control message protocol echoes.

As the replies are directed back to the victim which in turn floods the network link. %he

protocol in a WSN that is susceptible to this kind of attack is the "S0 !"ynamic Source

0outing$ protocol.

*n *nternet gateways they use egress filtering which is a mechanism used to prevent smurf

attacks. *t does this by verifying source addresses where parent routers can verify that all

packets from below have originated from their children. %his approach can also be used in a

WSN providing the network has a hierarchical routing mechanism.

+lack Holes

A more effective "oS attack is used against "istance vector based networks. Nodes advertise

;ero-cost routes to every other node forming routing black holes. ore traffic is directed in

their direction which results in intense resource contention around the node as others fight for

limited bandwidth. Although these are easily detected they can be very disruptive as other

nodes innocent knowledge of the network topology may suspect inconsistent advertisements.

Authori,ation%his is a defence against black holes as it only allows authori;ed nodes to e3change routing

information by the use of a public key encryption infrastructure to sign and verify routing

updates. "esigners have fond that public key encryption is difficult in WSN. %he networks2

scalability would be troubled due to ad hoc relations upon deployment such as mobile or

additional nodes being added through time so a centrali;ed certification authority would

create a single point of failure. %his gives the attacker the ability to construct valid routing

messages. %o protect against this threshold cryptography with shared updating can help.

*onitoringNodes monitor their neighbours to ensure correct routing behaviour. *t does this by relaying a

message to the ne3t hop and then acts as a watchdog that verifies the ne3t hop transmission of

the same packet. %his enables the watchdog to detect any changes in the packet causing

limitations caused by collisions, asymmetric physical connectivity and so on. %he +uality

rating mechanism is informed which enables the node to choose the most reliable router to

transmit its message to.

robing

robing is a more active approach which does not involve all the nodes on the network. *f the

network is using geography based routing then black holes can be detected by periodically

sending out probes crossing the network diameter. )lackout regions can be detected to

subect of transient routing errors and overload.

7/26/2019 WSN_ass

9/15

7/26/2019 WSN_ass

10/15

messages the se+uence numbers cause the end points to re+uest retransmission of missed

frames. *f proper timing is maintained by the adversary it prevents end points from sending

any useful information. %his leads to a waste in energy ina< an endless synchroni;ation

protocol.

5ne of the ways to counter this attack is authentication where by all fields are checked in the

transport layer protocol header. Assuming the authentication mechanism at the ends pointscould detect and drop malicious packets.

rotocol .ulnerabilities when designing new $rotocols/

"os attacks are a very real threat to sensor networks. %here is a need for developers to

analy;e these vulnerabilities

Ada$tive )ate %ontrol

rotocols have been improved upon and developed into standard A# protocols which are

more applicable to sensor networks by Woo and #uller.. :ey mechanisms include

)ack-off tha shifts an application2s periodicity phase.

assive adaptation of originating and route through admission control rates.

Anticipatory delay for avoiding multihop hidden mode problems.

All these impressive features can only work through cooperation among nodes. With

efficiency in mid preference has been given to route through traffic in admission control by

making it probabilistic multiplicative back-off factor =@ percent less than the back-off factor

of originating traffic. %his allows for preservation of packets that travel many hops.

5nce again though this is not attacker proof it still leaves vulnerabilities by making flooding

attacks more effective. 7igh bandwidth packet streams generated by a malicious node will

receive preference during collisions which can occur at every hop on the way. eaninng that

not only does the network transport the malicious traffic but also gives it preference.

)A

#henyang 6u2s real time location protocols !0A$ provide real time communication

architecture integrating a +uery event service A* and geographic forwarding with novel

velocity monotonic scheduling !>S$ policy.

7/26/2019 WSN_ass

11/15

!&igure $

%he above picture in figure three gives us a view of the architecture encompassing several

network payers, from prioriti;ing A# layer to the +uery event A* ust below the

application layer.

%he >S layer stamps packets with a desired velocity calculated from the distance to travel

and the end to end deadline. /ach node will compute it by looking to see what distance is left

and how long it has taken so far. acket relay gives higher priority to higher velocity packets.

%his is of course a vulnerability in itself as the attacker could flood the network with high

priority packets and wasting bandwidth and energy. %his is easily done by the attacker by

making the deadline short or the distance e3traordinarily large. 5n a brighter side packets will

soon be dropped if they have a short deadline as they would have missed it. %he attacker

could inect the packets with geographic destinations far away outside the sensor network.

%his may not be discovered though until the packet reaches the network2s edge therefore it

has wasted high priority bandwidth all the while.

*t is possible for this attack to be successful if the network uses a location directory service

that could detect out-of-area packets. %his service is usually invoked in order to find a

destination node by the original node. %he packet includes the destination so that intermediate

nodes only need to make local forwarding decisions. %he attacker would avoid this allowing

the malicious location to go undetected.

#rytographic-authentication mechanisms are what developers are focused on when

developing protocols in order to add "oS resistance. *n sensor networks there are serious

problems as digital signature schemes are impractical to use due to limited resources

available. *n an ad hoc network deployment of possible *"-less nodes causes the problem of

how to establish trust and identity especially in large scale networks.

7/26/2019 WSN_ass

12/15

%he most effective defence is to consider "oS attacks at the time of design. nsolvable

problems can be helped if defence strategies were applied in the case of cooperatively

mapping ammed regions. *t would become relatively easy to compromise a network if these

"oS vulnerabilities went unattended.

%he sensor network is only as good as it is secured. Without sufficient protection form "oSand other types of attacks sensor networks will become deployable in wide areas and good

for limited, controlled environments. %his would completely defeat the whole purpose of

having sensor networks in the first place.

(Wood and Stan#ovic &' ! )

7/26/2019 WSN_ass

13/15

)elow is a table depicting a table reflecting the types of attacks at each layer of the protocol

stack and other attacks.

!&igure B$

7/26/2019 WSN_ass

14/15

%onclusion

As the days go by wireless sensor networks become bigger and bigger and as they become

more and more popular they are being used more and more for mission-critical applications.

%his continual growth tells us that there is a serious need for security as they are being used

in some of the most sensitive areas of data recording. %here are problems though in that they

suffer from many constraints such as limited energy, processing capabilities, and storage

capacity. 5ther constraints also include unreliable communication and unattended operation.%he main form of security in use is cryptography. *n order to provide security in WSNs it is

necessary to select the appropriate cryptography method for sensor nodes. ublic key

cryptosystems bear too much load on the resource constrained sensor nodes. )ut as a result of

research it is viable to apply public key cryptography to the sensor networks by using the

correct selection of algorithms and associated parameters, optimi;ation, and low power

techni+ues.

&or tiny sensor modes it is possible to achieve good results with smaller keys bu using 0SA

and "iffie-7ellman based on the elliptic curve cryptography. %his reduces computation time

and also the amount of data transmitted and stored. %here is a promising outlook for WSNs

meeting security re+uirements by using asymmetric approaches with public key

cryptosystems, specifically elliptic curve cryptography.

(*elli, +)

7/26/2019 WSN_ass

15/15

)&-&)&N%&S

0Aboela;e, and Aloul, &, #urrent and &uture %rends in Sensor Networks A Survey,

viewed C8=8(@' available at http88ieee3plore.ieee.org.

1

%ennina, S. /t all. /5N A WS System Architecture for 6arge Scale and "ense

0eal-%ime /mbedded onitoring, viewed C8=8(@' available athttp88ieee3plore.ieee.org.

25baidat. , S. and isra, S, (@'4, rinciples of Wireless Sensor Networks,

#ambridge niversity ress, nited :ingdom.

3

Wood, A, " and D, A Stankovic. E"enial 5f Service *n Sensor NetworksE. *o"uter

(@@( >iewed C8=8(@'

www.cs.wpi.edu8Femmanuel8courses8...8wk'(Gp'G6ubaGsensorG"oS.pdf, =4 - '.

4Wayne, 6, What does the &uture hold for Wireless Sensors, oweroint presentation,

State niversity "epartment of #omputer Science, .S.A.

5

#helli, :, (@'=, Security *ssues in Wireless Sensor Networks Attacks and

#ountermeasures, roceedings of the World #ongress on /ngineering (@'= >ol *,6ondon :. viewed C8=8(@' available at

http88www.iaeng.org8publication8W#/(@'=8W#/(@'=pp='C-=(4.pdf

-I6()&S

&igure '

H (

Aboela;e, and Aloul, &, #urrent and &uture %rends in Sensor Networks A

Survey, viewed C8=8(@' available at http88ieee3plore.ieee.org.

&igure 1

Singh, S, :, Singh, , and Singh, ", :, (@'@, 0outing rotocols in Wireless

Sensor Networks A Survey, *nternational Dournal of #omputer Science H

/ngineering Survey !*D#S/S$ >ol.', No.( November (@'@.

&igure 4,

= and

Wood, A, " and D, A Stankovic. E"enial 5f Service *n Sensor NetworksE.

*o"uter(@@( >iewed C8=8(@'

www.cs.wpi.edu8Femmanuel8courses8...8wk'(Gp'G6ubaGsensorG"oS.pdf, =4 - '.

&igure B

#helli, :, (@'=, Security *ssues in Wireless Sensor Networks Attacks and

#ountermeasures, roceedings of the World #ongress on /ngineering (@'= >ol *,

6ondon :. viewed C8=8(@' available at

http88www.iaeng.org8publication8W#/(@'=8W#/(@'=pp='C-=(4.pdf

http://www.cs.wpi.edu/~emmanuel/courses/.../wk12_p1_Luba_sensor_DoS.pdfhttp://www.iaeng.org/publication/WCE2015/WCE2015http://www.cs.wpi.edu/~emmanuel/courses/.../wk12_p1_Luba_sensor_DoS.pdfhttp://www.iaeng.org/publication/WCE2015/WCE2015http://www.cs.wpi.edu/~emmanuel/courses/.../wk12_p1_Luba_sensor_DoS.pdfhttp://www.iaeng.org/publication/WCE2015/WCE2015http://www.cs.wpi.edu/~emmanuel/courses/.../wk12_p1_Luba_sensor_DoS.pdfhttp://www.iaeng.org/publication/WCE2015/WCE2015