Secure Systems Research Group - FAU Introduction to Wireless Sensor Networks and its Security Concerns 8/20/2009 Anupama Sahu

Secure Systems Research Group - FAU

Introduction to

Wireless Sensor Networks and its Security Concerns

8/20/2009

Anupama Sahu


Wireless Sensor Networks (WSNs)

Outline• Definition• Characteristics• Applications• Components of a Sensor node• WSN architecture• Operations in WSN• Security Concerns


Definition of WSN

A WSN is a deployment of massive number of small, inexpensive, self-powered devices that can sense, compute, and communicate with other devices for the purpose of gathering local information to make global decisions about a physical environment.

These self-powered devices are called sensors.

In WSN the position of sensor nodes need not be engineered or predetermined. Hence random deployment in inaccessible terrains is possible.


Characteristics of WSN

Sensors are small and inexpensive. Sensor nodes are densely deployed Can monitor and control the physical location

remotely Have limited resources:

• CPU: 1 ~ 8 MHz• Radio: 40 – 250 kbps• Memory: 48 – 124 KB• Battery life • Radio more expensive

Easy to deploy


Characteristics of WSN

Can operate in harsh conditions They are autonomous in nature.

• Self-configuring• Self-calibrating• Self-identifying• Self-reorganizing

Low maintenance Have dynamic topology Easy to upgrade Sensor nodes mainly use a broadcast communication

paradigm


Applications of WSN

Military Applications:• battlefield surveillance, target detection & recognition

Ocean bottom surveillance: • detect & track submarines,• monitor events, e.g. seismic and animal activity

Environment and habitat monitoring:• Environment sensors used to study vegetation response

to climate• trends and diseases• Acoustic and imaging sensors can identify, track and

measure the population of birds and other species


Applications of WSN

Traffic Control:• Intersections use sensors to detect vehicles and control traffic lights• Sensors can be attached to vehicles; during movement, vehicles can exchange information on traffic jams, speed and density of traffic (VANET)

Infrastructure security and counterterrorism:• Networks of video, acoustic, and other sensors deployed around critical buildings and facilities like burglar alarm systems is museums and fire alarms in hotels


Applications of WSN Industrial sensing:

• insertion of sensors into regions inaccessible by humans e.g. Oil refinery has sensors to measure pressure and temperature in pipes

• lowering cost and improving machine performance and maintainability e.g. chemical manufacturing plant and semiconductor manufacturing plant

Disaster recovery:• densely deploy sensors in a disaster area

• help locate survivors and find safe evacuation paths,

• alert nearest emergency response team Inventory:

• items have attached tags, stick-on sensors attached to walls or embedded in floors and ceilings to track the location history and use of items


Applications of WSN

Health care:• patient monitoring at home, in-hospital communication, out-

hospital monitoring • e.g. CodeBlue [4] is a wireless infrastructure intended for

deployment in emergency medical care, integrating low-power, wireless vital sign sensors, personal digital assistants (PDAs), and PC-class systems.

• e.g. Scalable Medical Alert Response Technology (SMART) [5] is a system for patient tracking and monitoring that begins at the emergency site and continues through transport, triage, stabilization, and transfer between external sites and healthcare facilities, as well as within a healthcare facility.


Architecture of WSN in healthcare applications


Components of a Sensor Node


WSN Architecture

Basic architecture: • This includes one BS, many sensors and data is collected at the BS• Each sensor node has dual role: data collector + router• The main task of a sensor node is to detect events, perform quick local data processing and transmit data


WSN Architecture

Clustered Architecture:• data is transmitted from sensors to

cluster heads and from cluster heads

to the base station• the cluster heads alternate in time

Heterogeneous Architecture:• Network elements have different capabilities• This is used to increase network

lifetime and reliability as well as

decrease end-to-end latency


WSN Architecture

Wireless sensor and actor (actuator) networks (WSAN):• Sensors gather information about the physical world and

actuators take decisions and then perform appropriate actions on the environment

• e.g. water sprinklers in buildings and agricultural lands


Operations in WSN

Data/interest dissemination:• Sinks broadcast the interest to or query the sensors, or• Sensors broadcast an advertisement for the available data

and wait for request from interested nodes• Flooding, gossiping, rumor routing, directed diffusion are

some of the available methods Data gathering:

• Base station (BS) is fixed and located far from the sensors• Transmit or gather sensed data from each sensor node to the

sink or BS• Data reporting could be periodic or event based• Data gathering is organized in rounds • LEACH (Low-Energy Adaptive Clustering Hierarchy) is a

clustering based data gathering protocol.


Operations in WSN

• PEGASIS (Power-Efficient Gathering in Sensor Information Systems) is a proactive data gathering protocol

• Directed Diffusion is a reactive routing technique which means that routes are established on-demand

Data aggregation / data fusion:• Data coming from multiple sensor nodes can be aggregated

or combined into a set of meaningful information, if they are related to the same attribute of the phenomenon

• Solve implosion (duplicate message sent to the same node) and overlap (close nodes sense and report the same parameters) problems


Operations in WSN

Data storage:• External storage: In this, a centralized server, outside the

sensor network is used for collecting and storing sensed data

• Data-centric storage: In this, the data is stored at nodes in the network, depending on the event type

• Local storage (e.g. directed diffusion): In this a source sends data to the sink only when the sink has queried the data

• Index-based data storage: In this, information about storing nodes is maintained at index nodes, based on the event type


Security concerns and attacks in WSN

Security goals: authentication, authorization, confidentiality, data integrity, accountability, data availability and freshness, controlled access

WSNs consist of small nodes that are spread over a possibly hostile area

Constraints in memory and computational capabilities are a serious obstacle for implementing cryptographic algorithms

The nodes might be physically accessed by attackers, could be invasive or non-invasive e.g. node capture

Finite energy of sensor nodes is a concern as there are attacks that force sensors to exhaust their energy quickly and to die otherwise known as battery drainage attacks

Denial of service attacks Node replication attacks Man-in-the-middle attack: read, replay, block, modify



Attacks on Network Communication Stack:• Physical layer: jamming is the interference with the RF

used by nodes to communicate in the network• Link layer: causing collisions with the packets in

transmission

• Network and Routing layer: Black Holes: This attack is launched against distance

vector routing protocols. A compromised node advertises a zero or a very low cost to its neighbors so that large number of packets get routed towards it.

Wormhole attack: in this attack the adversary node tunnels the messages to another part of the network through a low latency link, and then replays them.



Spoofed, altered, replayed packets: This attack targets the routing information used by nodes which could lead to creating routing loops and increase the end to end delay

Selective forwarding: in this attack the compromised node only forwards a fraction of the packets it receives and drops the rest

Sinkhole attack: in this attack the adversary tries to attract most of the traffic toward the compromised nodes.

• Transport layer: Flooding attack results in sending duplicate messages to the same node and overlapping

Sybil attack refers to the scenario when a malicious node pretends to have multiple identities. The malicious node can claim false identities (fabricated identities) or impersonate other legitimate nodes in the network (stolen identities).


Importance of security in WSN Unsecure hotel sensor network simply sends all sensed

information over wireless network to base station, without using encryption

• Outcome: Gives attacker an idea of the occupancy of the hotel

Unsecured WSN in chemical plants and oil refineries• Outcome: Attacker could forge pressure/temperature

readings. The control center would then process fake data and perform incorrect operation which might lead to accidents.

Unsecured WSN in Manufacturing applications• Outcome: Competitors can detect production volumes

and manufacturing defects. Unsecured WSN in Power grid surveillance

• Outcome: Malicious data injection Unsecured WSN in Health care applications

• Outcome: patient privacy is compromised, patient data tampering can lead to wrong medication


WSN security requirements and possible solutions


References

[1] Wireless Networks Design and Optimization class notes

[2] H S Ng, M L Sim and C M Tan, “Security issues of wireless sensor networks in healthcare applications”, BT Technology Journal, Vol 24 No.2, April 2006

[3] http://www.truststc.org/pubs/231/SIRI2006.pdf

[4] Lorincz K, Malan D J, Fulford-Jones T R F, Nawoj A, Clavel, Shnayder V, Mainland G, Welsh M and Moulton S: ‘Sensor networks for emergency response: challenges and opportunities’, Pervasive Computing, IEEE, 3, pp 16—23 (2004).

[5] Waterman J, Curtis D, Goraczko M, Shih E, Sarin P, Pino E, Ohno- Machado L, Greenes R, Guttag J and Stair T: Demonstration of SMART (Scalable Medical Alert Response Technology)’, in AMIA 2005 Annual Symposium, Washington DC, American Medical Informatics Association (2005).


Questions?

Documents

Secure Systems Research Group - FAU Introduction to Wireless Sensor Networks and its Security Concerns 8/20/2009 Anupama Sahu