Wireless Sensor Network Security
Download as PPTX, PDF1 like305 views
While wireless sensor networks face security challenges, addressing issues like confidentiality, integrity, and availability is critical for successful deployment. The document discusses these security requirements and explains how attacks can target different network layers. It provides examples of physical layer attacks like jamming and tampering. At higher layers, attacks include collisions and resource exhaustion in the data link layer, and spoofing, selective forwarding, sinkholes, Sybil attacks and wormholes in the network layer. Transport layer attacks involve flooding and desynchronization. Confidentiality, integrity, and cryptography are also discussed as important security concepts for wireless sensor networks.
Wireless Sensor Network Security
- 2. While the future of WSNs is very prospective, WSNs will not be successfully deployed if security, dependability and privacy issues are not addressed adequately. These issues become more important because WSNs are usually used for very critical applications. Furthermore, WSNs are very vulnerable and thus attractive to attacks because of their limited prices and human-unattended deployment. Security Requirements: Confidentiality (encryption) Integrity (e.g., identity Management, digital signatures) Availability (protection from denial of Service). Introduction
- 3. Data Confidentiality Data confidentiality is the most important issue in network security. Every network with any security focus will typically address this problem first. In sensor networks, the confidentiality relates to the following : A sensor network should not leak sensor readings to its neighbors. Especially in a military application, the data stored in the sensor node may be highly sensitive it is extremely important to build a secure channel in a wireless sensor network.
- 4. Data Integrity With the implementation of confidentiality, an adversary may be unable to steal information. However, this doesn’t mean the data is safe. The adversary can change the data, so as to send the sensor network into disarray. For example, a malicious node may add some fragments or manipulate the data within a packet. This new packet can then be sent to the original receiver. Data loss or damage can even occur without the presence of a malicious node due to the harsh communication environment. Thus, data integrity ensures that any received data has not been altered in transit.
- 5. Adjusting the traditional encryption algorithms to fit within the wireless sensor network is not free, and will introduce some extra costs. But all these approaches weaken the availability of a sensor and sensor network for the following reasons: Additional computation consumes additional energy . Additional communication also consumes more energy . A single point failure will be introduced if using the central point scheme . Availability
- 6. Challenges For WSNs to become truly ubiquitous, a number of challenges must be overcome. Challenges and limitations of wireless sensor networks include the following: Limited functional capabilities, including problems of size Power factors Node costs Environmental factors Transmission channel factors Topology management complexity and node distribution
- 7. Encryption-decryption techniques meant for the traditional wired networks are not capable in WSN. Wireless sensor networks consist of tiny sensors which really suffer from the lack of processing, memory and battery power. Applying any encryption scheme requires transmission of extra bits. Cryptography
- 8. Steganography WSN is not directly related to steganography and processing multimedia data (like audio, video) with the inadequate resources of the sensors is difficult.
- 9. Taxonomy of Attacks Wireless networks are vulnerable to security attacks due to the broadcast nature of the transmission medium. Furthermore, WSNs have an additional vulnerability because nodes are often placed in a hostile or dangerous environment where they are not physically protected. For a large-scale sensor network, it is impractical to monitor and protect each individual sensor from physical or logical attack. Attackers may device different types of security threats to make the WSN system unstable
- 10. WSN attacks categorized at different layers: A. Physical layer: Attacks at the physical layer include jamming and tampering. Jamming: Jamming is a type of attack which interferes with the radio frequencies that a network’s nodes are using .An attacker sends some radio waves at the same frequency that it is used by wireless sensor networks .A jamming source may either be powerful enough to disrupt the entire network or less powerful and only able to disrupt a smaller portion of the network.
- 11. Tampering: Another physical layer attack is tampering . Given physical access to a node, an attacker can extract sensitive information such as cryptographic keys or other data on the node. The node may also be altered or replaced to create a compromised node which the attacker controls.
- 12. B. Data link layer: Attacks at the link layer include collisions, resource exhaustion. 1- Collisions: A collision results when two nodes trying to send data on same frequency. When packets collide, a change will likely occur in the data portion, causing a checksum mismatch at the receiving end. packet will then be discarded as invalid. An adversary may strategically cause collisions in specific packets such as ACK control messages. A possible result of such collisions is the costly exponential back-off. The adversary may simply violate the communication protocol and continuously transmit messages in an attempt to generate collisions . 2- Exhaustion: Repeated collisions can also be used by an attacker to cause resource exhaustion . For example, a naive link-layer implementation may continuously attempt to retransmit the corrupted packets. Unless these hopeless retransmissions are discovered or prevented, the energy reserves of the transmitting node and those surrounding it will be quickly depleted
- 13. C. Network layer: The attacks in the network layer include the following: 1. Spoofed, Altered, or Replayed Routing Information: The most direct attack against a routing protocol in any network is to target the routing information itself while it is being exchanged between nodes. An attacker may spoof, alter, or replay routing information in order to disrupt traffic in the network . These disruptions include the creation of routing loops, attracting or repelling network traffic from select nodes, extending and shortening source routes, generating fake error messages, partitioning the network, and increasing end-toend latency.
- 14. 2- Selective Forwarding: A significant assumption made in multihop networks is that all nodes in the network will accurately forward received messages. An attacker may create malicious nodes which selectively forward only certain messages and simply drop others One form of this attack is Black hole 3- Sinkhole: In a sinkhole attack, an attacker makes a compromised node look more attractive to surrounding nodes by forging routing information . The end result is that surrounding nodes will choose the compromised node as the next node to route their data through. This type of attack makes selective forwarding very simple, as all traffic from a large area in the network will flow through the adversary’s node.
- 15. 4- Sybil: The Sybil attack is a case where one node presents more than one identity to the network . It was originally described as an attack intended to defeat the objective of redundancy mechanisms in distributed data storage systems in peer-to-peer networks . A Sybil attack is attack in which an attacker destabilizes the reputation scheme of a peer-to-peer network by creating a huge number of pseudonymous entities, using them to gain a disproportionately big influence
- 16. 5- Wormhole attack: Wormhole attack needs to insert at least two malicious nodes in the network and these nodes are connected by a powerful connection wormhole is low latency link between two portions of a network over which an attacker replays network messages . This link may be established either by a single node forwarding messages between two adjacent but otherwise non- neighboring nodes or by a pair of nodes in different parts of the network communicating with each other.
- 17. Hello Flood Attacks: An attacker sends or replays a routing protocol’s HELLO packets from one node to another with more energy. This attack uses HELLO packets as a weapon to convince the sensors in WSN. In this type of attack an attacker with a high radio transmission range and processing power sends HELLO packets to a number of sensor nodes that are isolated in a large area within a WSN. The sensors are thus influenced that the adversary is their neighbor. As a result, while sending the information to the base station, the victim nodes try to go through the attacker as they know that it is their neighbor and are ultimately spoofed by the attacker
- 18. D. Transport layer: Two possible attacks in this layer, flooding and desynchronization, Flooding: Whenever a protocol is required to maintain state at either end of a connection it becomes vulnerable to memory exhaustion through flooding . An attacker may repeatedly make new connection requests until the resources required by each connection are exhausted or reach a maximum limit. In either case, further legitimate requests will be ignored