Overview of Security Issues in Wireless Sensor Networks

Hero Modares

Department of Computer system

and technology

University of Malaya

Kuala Lumpur, Malaysia

hero.modares@gmail.com

Rosli Salleh

Department of Computer system and technology

University of Malaya

Kuala Lumpur, Malaysia

rosli_salleh@um.edu.my

Amirhossein Moravejosharieh

Department of Computer system and technology

University of Malaya

Kuala Lumpur, Malaysia

Amirhosein.moravej@gmail.com

Abstract— Wireless sensor networks (WSN) are generally set

up for gathering records from insecure environment. Nearly

all security protocols for WSN believe that the opponent can

achieve entirely control over a sensor node by way of direct

physical access. The appearance of sensor networks as one of

the main technology in the future has posed various challenges

to researchers. Wireless sensor networks are composed of large

number of tiny sensor nodes, running separately, and in

various cases, with none access to renewable energy resources.

In addition, security being fundamental to the acceptance and

employ of sensor networks for numerous applications; also

different set of challenges in sensor networks are existed. In

this paper we will focus on security of Wireless Sensor Network.

Keywords- Wireless Sensor Network Attack; Wireless Sensor

Network Attacker; Layering-Based Attacks; Security Issues in

Wireless Sensor Network; Cryptography in Wireless Sensor

Network

I. INTRODUCTION

Sensor networks by distributed wireless technology are used in numerous applications. Caused by resource restriction some of WSN applications work without security which decreased Quality of Service (QoS). In WSN, a mass of wireless sensors are linked together via RF communication links. The quality of working properly of the nodes in WSN application consists of comprehension, gathering and distributing information in the network. Energy is a main issue as the sensors are in general tiny. In addition wireless with restricted memory and quality of working properly given the fact that the batteries have a restricted governing power [1]. Different types of DoS attacks can affect a network or node. If attacked node continues to exchange information or ideas with its neighbors and it lead to diminish all its power then the node declares as a dead node which is worst cases [2]. In this paper we will focus on security issues and various layers attacks and feasible security approach.

II. OVERVIEW OF SECURITY ISSUES

A. Attack and Attacker

An attack can be an effort to get illegal access to a service, information, or the assay to conciliation integrity, confidentiality, or availability of a system. Attacks are originated by attackers or intruders. WSN Adversary can be: Passive: A person or another entity that only monitors the communication channel which threatens the confidentiality of data.

Active: Effort to add, delete or alter the transmission on the cannel which threatens to confidentiality, authentication and data integrity.

Insider: Steal key material and run malicious code by compromise some authorized nodes of the network. Outsider: attacker has no particular access to the network.

Mote-Class Attacker: Has access to the minority nodes with similar capabilities.

Laptop-Class Attackers: they have access to powerful devices such as laptop which has advantages greater than legal nodes, for instance more capable processor, greater battery power and high power antenna [3].

B. Security Principles

The security requirements [4, 5] of a wireless sensor network can be classified as follows [6-9]:

Data Authentication: Make sure that the data is initiated from the exact source.

Data Confidentiality: Make sure that only authorized sensor nodes can get the content of the messages.

Data Integrity: Make sure that any received message has not been modified in send by unauthorized parties.

Availability: Make sure that services offered by WSN or by a single node must be available whenever necessary.

Data Freshness: Make sure that no old data have been replayed.

2011 Third International Conference on Computational Intelligence, Modelling & Simulation

978-0-7695-4562-2/11 $26.00 © 2011 IEEE

DOI 10.1109/CIMSim.2011.62

308

III. LAYERING-BASED ATTACKS

A. Physical Layer

Jamming is a well-known attack on physical layer of wireless network. Jamming interferes with the radio frequencies being used by the nodes of a network. An attacker sequentially transmits over the wireless network refusing the underlying MAC protocol. Jamming can interrupt the network impressive if a single frequency is used throughout the network. In addition jamming can cause excessive energy consumption at a node by injecting impertinent packets. The receiver’s nodes will as well consume energy by getting those packets [10].

Xu, Trappe, Zhang and Wood in 2005 proposed [11] four different type of jamming attack that can be used by an attacker to stop the operation of a wireless network. How each model affects on the sending and receiving capability of a wireless node and its impressiveness were evaluated. It was remarked that no single system of measures such as carrier sensing time and signal strength is adequate for reliably detecting the conduct of a jammer, and that using packet delivery cannot recognize whether poor link service was due to the mobility of nodes or jamming while it may be efficacious in mark as different between jammed scenarios and congested.

Tampering is another attack on physical layer. In this attack, nodes are vulnerable to tampering or physical harm [12]. In Table 1, describes Physical Layer Threats and Countermeasures in WSN [13].

TABLE I. TABLE TYPE STYLES

Threat Countermeasure

Interference Channel hopping and Blacklisting

Jamming Channel hopping and Blacklisting

Sybil Physical Protection of devices

Tampering Protection and Changing of key

B. Data Link Layer

Attacks can also be made on the link layer. An attacker may premeditatedly violate the communication protocol, and frequently send messages in an attempt to cause collisions. This type of collisions would need the retransmission of any packet influenced by the collision. By means of this technique it would be possible for an adversary to consume easily a sensor node’s power supply by forcing oversupply retransmissions [5]. In Table 2, describes Data Link Layer Threats and Countermeasures in WSN [13].

TABLE II. DATA-LINK LAYER THREATS AND COUNTERMEASURES

Threat Countermeasure

Collision CRC and Time Diversity

Exhaustion

Protection of Network ID and other

Information that is required to joining

device

Spoofing Use different path for re-sending the

message

Sybil Regularly changing of key

De-synchronization Using different neighbors for time

synchronization

Traffic analysis Sending of dummy packet in quite hours:

and regular monitoring WSN network

Eavesdropping Key protects DLPDU from Eavesdropper

C. Network Layer

A sensor node may obtain benefit of multi hop using simply refusing to route messages at the network layer. This could be executed frequently or irregularly with the net result being that any neighbor who marks a route through the malevolent node at least will be incapable of exchange messages with, part of the network [5, 14].

Entry by force or without permission in network layer can be grouped into two categories: passive and active attacks. A passive trespass does not interrupt the functioning of the network; but the adversary to discover information, eavesdrops on the traffic flowing across the network without modifying the data. It is very difficult to detect passive attack in view of the fact that a passive attack does not influence the functioning of the network. However, an active attack unlike a passive attack.

An active attack drops or modifies message thereby interfering the functioning of the network where both data packets and routing control packets kept by Messages. An attacker can attack routing packets causing a useless routing table at the source.

On the other side, an attacker can attack data packets causing imperfect communication, although it assists with other nodes to make legal routes between senders and receivers. For instance Wormhole attacks [15], Blackhole attacks [16], Byzantine attacks [17], DDoS attacks [18] and routing attacks [19, 20] are active attacks. In addition active attacks can be classified based on whether they target the data plane or control plane for example key distribution or routing protocols.

To obtain authenticate and integrity of data, encryption schemes and hash functions are usually used. Usually, encryption methods are supported by centralized key management. Moreover a trusted Certificate Authority (CA) is used in public key to make a secure communication between nodes[12]. In Table 3, describes Network Layer Threats and Countermeasures in WSN [13].

309

TABLE III. NETWORK LAYER THREATS AND COUNTERMEASURES

Threat Countermeasure

Eavesdropping Session Keys protect NPDU from Eavesdropper.

DoS Protection of network specific data link network ID

etc. Physical protection and inspection of network.

Selective

forwarding Regular network monitoring using Source Routing.

Sybil Resetting of device and changing of session keys.

Traffic

Analysis

Sending of dummy packet in quite hours: and

regular monitoring WSN network.

Wormhole

Physical monitoring of Field devices and regular

monitoring of network using Source Routing.

Monitoring system may use packet leach

techniques.

D. Transport Layer

Furthermore the transport layer is vulnerable to attack, as in the case of flooding. Flooding can be something simple such as sending many connection requests to a vulnerable node. In this situation, sender must be allocated to manage the connection request. Eventually a node’s resources will be exhausted, thus rendering the node useless [5].

IV. CRYPTOGRAPHY AND WSN

Wireless sensor networks applications include wildlife,

earthquake monitoring, and numerous of military applications. A major benefit of these applications is they execute in network processing.

Therefore, it decreases large streams of raw data into useful aggregated information [9, 21].

Wireless sensors are measured as constrained devices. It is due to the limitation of the number of gates, power and bandwidth etc. Like traditional networks, wireless sensors applications require protection against eavesdropping, alteration, and packet injection. In order to achieve this protection, data cryptography can prevent these security issues. Presently, sensor networks are supplied exclusively through symmetric key cryptography. The entire network is under risk if only one of its nodes has to be compromised by using symmetric cryptography. It means that the shared secret among those nodes is exposed. Another approach is to use a shared key between two nodes in the whole network. Then, it removes the network wide key. The disadvantage is additional nodes which cannot be added after the deployment process. In a sensor network with n nodes, each node needs to store (n – 1) keys.

Keys need to be established in the network. Eventually, a secure key distribution mechanism needs to be achieved as it allows a simple key establishment for large scale sensor networks. The current sensor devices have limited computational power. It makes the implementation of public-key cryptographic primitives and too expensive in terms of system overhead. In order to achieve 80 bit of security in ECC, it needs 160 bit parameters size, and gives the same security level offered by 1024 bit RSA. Langendorfer and Piotrowski mentioned some works which addressed PKC feasibility in WSN by evaluating different parameters [22]. Some evaluations consider the processing time as parameter

and some evaluations evaluate the memory needs as a parameter. Others new discussed architectures try to utilize the different efforts which are needed to run PKC [9].

V. CONCLUSION

Routing, QoS provisioning, energy efficiency, security and multicasting are challenges in WSN. As security is not a product, it is a process, system originator should maintain up to-date with the progresses in attacks on embedded systems. The security of significant systems should be continually reassessed to take new detections into account. The level of security needed from the application should also be marked when preferring hardware. At some indefinite time it might reasonable to put up additional protection, for instance a secure place, around a vulnerable microcontroller.

REFERENCES

[1] R. Muraleedharan and L. A. Osadciw, "Balancing the

performance of a sensor network using an ant system," 2003.

[2] R. Muraleedharan and L. A. Osadciw, "Jamming attack

detection and countermeasures in wireless sensor network using

ant system," SPIE Defence and Security, Orlando, 2006.

[3] P. Apostolos, "Cryptography and Security in Wireless Sensor

Networks," FRONTS 2nd Winterschool Braunschweig,

Germany, 2009.

[4] E. Yoneki and J. Bacon, "A survey of Wireless Sensor Network

technologies," 2005.

[5] J. P. Walters, et al., "Wireless sensor network security: A

survey," Security in distributed, grid, mobile, and pervasive

computing, p. 367, 2007.

[6] P. Mohanty, et al., "Security Issues in Wireless Sensor Network

Data Gathering Protocols: A Survey," Journal of Theoretical

and Applied Information Technology, pp. 14-27, 2010.

[7] T. Zia and A. Zomaya, "A security framework for wireless

sensor networks," 2006.

[8] L. L. Fernandes, et al., "Secure Routing in Wireless Sensor

Networks," 2007.

[9] H. Modares, "A scalar multiplication in elliptic curve

cryptography with binary polynomial operations in Galois

Field," 2009.

[10] H.-J. Kim, et al., "A method to support multiple interfaces

mobile nodes in PMIPv6 domain," presented at the Proceedings

of the 2nd International Conference on Interaction Sciences:

Information Technology, Culture and Human, Seoul, Korea,

2009.

[11] W. Xu, et al., "The feasibility of launching and detecting

jamming attacks in wireless networks," 2005, pp. 46-57.

[12] P. B. Jeon, "A pheromone-aided multipath QoS routing protocol

and its applications in MANETs," Citeseer, 2006.

[13] H. K. Kalita and A. Kar, "Wireless sensor network security

analysis," International Journal of Next-Generation Networks

(IJNGN), vol. 1, pp. 1–10, 2009.

[14] A. D. Wood and J. A. Stankovic, "Denial of service in sensor

networks," Computer, vol. 35, pp. 54-62, 2002.

[15] Y. C. Hu, et al., "Packet leashes: a defense against wormhole

attacks in wireless networks," 2003, pp. 1976-1986 vol. 3.

[16] H. Deng, et al., "Routing security in wireless ad hoc networks,"

Communications Magazine, IEEE, vol. 40, pp. 70-75, 2002.

[17] B. Awerbuch, et al., "An on-demand secure routing protocol

resilient to byzantine failures," 2002, pp. 21-30.

[18] W. Enck, et al., "Exploiting open functionality in SMS-capable

cellular networks," 2005, pp. 393-404.

[19] Y. C. Hu, et al., "Rushing attacks and defense in wireless ad hoc

network routing protocols," 2003, pp. 30-40.

310

[20] Y. C. Hu, et al., "SEAD: Secure efficient distance vector routing

for mobile wireless ad hoc networks," Ad Hoc Networks, vol. 1,

pp. 175-192, 2003.

[21] A. Perrig, et al., "SPINS: Security protocols for sensor

networks," Wireless networks, vol. 8, pp. 521-534, 2002.

[22] S. Peter, et al., "Public key cryptography empowered smart dust

is affordable," International Journal of Sensor Networks, vol. 4,

pp. 130-143, 2008.

311