This project is funded by Structural Funds of the European Union (ESF) and state budget of the Czech Republic

Overview on Security and Privacy Issues in Wireless Sensor

Networks Dr. Tarek Gaber

Computer Science Department,

VSB-Technical University of Ostrava, Czech

Faculty of Computers & Informatics

Suez Canal University, Ismailia, Egypt

Lecture Outlines

Why security is important in WSN

Algorithms to achieve security services

Why security is complex in WSN

Some Attacks to WSN

Trust and Reputation in WSN

Security, functionality, and ease of use

How to Stay Safe While using WiFi

Why Security is Important for WSN

• WSNs have many applications e.g.:

– military, homeland security

– assessing disaster zones

– Others.

• This means that such sensor networks have mission-critical tasks.

• Security is crucial for such WSNs deployed in these hostile environments.

Why Security is Important for WSN

• Moreover, wireless communication employed by WSN facilitates

– eavesdropping and

– packet injection by an adversary.

• These mentioned factors require security for WSN during the design stage to ensure operation safety, secrecy of sensitive data, and privacy for people in sensor environments.

Algorithms to achieve security services

Symmetric Encryption

Example: AES Algorithm

Asymmetric Encryption

Example: RSA Algorithm

Hash Function/Algorithm

Digital Signature

Why Security is Complex in WSN

• Because of WSNs Characteristics:

– Anti-jamming and physical temper proofing are impossible

• greater design complexity and energy consumption

– Denial-of-service (DoS) attack is difficult

• Sensor node constraints

– Sensor nodes are susceptible to physical capture

• Deploying in hostile environment.

– eavesdropping and injecting malicious message are easy

• Using wireless communication

Why Security is Complex in WSN • Because of WSNs Characteristics:

– maximization of security level is challenging

• Resource consumption

– asymmetric cryptography is often too expensive

• Node constraints

– centralized security solutions are big issue

• no central control and constraints, e.g. small memory capacity.

• Cost Issues

– Overall cost of WSN should be as low as possible.

Typical Attacks to WSN

Physical Attacks • Environmental

– Permanently destroy the node, e.g., crashing or stealing a node.

• Attacks at the Physical Layer – Jamming: transmission of a radio signal to interfere with WSN radio

frequencies. – Constant jamming: No message are able to be sent or received. – Intermittent jamming: Nodes are able to exchange messages periodically

Jamming Attack Countermeasure

• Most common defense against jamming attacks is to use spread-spectrum communication techniques • there are different channels to deliver the signal

Physical Attacks • Node Capture Attacks

– routing functionalities

• Countermeasure

– tamper-proof features • Expensive solution

– Self-Protection

– disable device when attack detected

Attacks on Routing • Sinkhole attack

– attacker tries to attract the traffic from a particular region through it

• Solution:

– Watchdog Nodes can start to trace the source of false routing information

Attacks on Routing • Sybil attack (Identity Spoofing)

– attacker claims to have multiple identities or locations

– provide wrong information for routing to launch false routing attacks

• Solutions: – Misbehavior Detection.

– Identity Protection

Privacy Attacks

• Attempts to obtain sensitive information collected and communicated in WSNs

– Eavesdropping

• made easy by broadcast nature of wireless networks

– Traffic analysis

• used to identify sensor nodes of interest (data of interest),

WSN Privacy Issues Cont.

WSN Privacy Issues Attack

Trust and reputation in WSN

WSN Traditional Security Techniques

• Cryptographic primitives and authentication mechanisms are not suitable for WSNs

– Asymmetric cryptography is often too expensive

– Node constraints

– power consumption

– centralized security administration

– Once the keys are leaked, security mechanisms may become ineffective

Trust and Reputation

• Examples of reputation systems:

– eBay reputation system, …

• Relationship between reputation and trust:

– Reputation can be used as an output in order to derive trust

• These systems can:

– identify malicious nodes,

– computes a trust rating of the node and

– exclude the nodes from the network

– offer a prediction of one's future behavior,

Trust Systems

Example of Trust in WSN • In order to find a secure route,

– Trust values will be evaluated

– the trust results will help to select the trustworthy next-hop node

– through the trusted nodes, the source node will forward data to the sink node

The Security, Functionality, and Ease of Use Triangle

How to Stay Safe While using WiFi

• Treat all public WiFi links with suspicion: It’s virtually impossible to tell the difference between a safe and an unsafe network.

• When using public WiFi, avoid doing anything sensitive: Don’t buy anything, login to your financial accounts, or even send email when accessing public WiFi networks. Wait until you get back home to your secure network to do those kinds of things. Better to be safe than sorry.

• Make sure you are using antivirus software: It’s not a foolproof solution, but antivirus software can help repel most known attacks.

• Think about using identity protection and monitoring services: This is a great way to protect yourself and your family from identity theft.

• Use a VPN: A VPN like PRIVATE WiFi allows you to use public WiFi networks as if they were private and secure. A VPN is a good solution to possible man-in-the-middle attacks if you must use public WiFi.

References • Dargie, Waltenegus, and Christian Poellabauer. Fundamentals

of wireless sensor networks: theory and practice. John Wiley & Sons, 2010.

• http://techathon.mytechlabs.com/web-application-security-testing/

• Kumar, Pardeep, and Hoon-Jae Lee. "Security issues in healthcare applications using wireless medical sensor networks: A survey." Sensors 12.1 (2011): 55-91.

• http://www.privatewifi.com/csid-recommends-using-a-vpn-to-stop-man-in-the-middle-attacks/

• http://techathon.mytechlabs.com/web-application-security-testing/

• http://en.kryptotel.net/encryption.html

Thank you

Dr. Tarek Gaber

Ostrava, ….. (04 December 2014)

This project is funded by Structural Funds of the European Union and state budget of the Czech Republic