Wireless Sensor Network Security Seth A Hellbusch CMPE 257 Wireless Sensor Networks WSN The main characteristics of a WSN include Power consumption constrains for nodes using batteries or energy harvesting Ability to cope with node failures Mobility of nodes Dynamic network topology Communication failures Heterogeneity of nodes Scalability to large scale of deployment Ability to withstand harsh environmental conditions Easy of use Unattended operation 2 WSNs Implementations Monitoring Oceanic Wildlife Manufacturing Machinery Performance Build safety Earthquakes Military Cont 3 WSN Security Papers 4 Security in Wireless Sensor Networks Adrian Perring John Stankovic David Wagner 06 2004 Wireless Sensor Network Security Analysis Hemanta Kumar Kalita Avijit Kar 12 2009 Security in Distributed Grid Mobile and Pervasive Computing Chapter 16 Wireless Sensor Network Security A Survey Yang Xiao 04 2007 Paper 1 Security in WSNs Sensor networks pose unique security challenges Limited energy computation and communication capabilities Deployed in accessible areas adding to physical attack risk Interact closely with physical environment Existing network security techniques are inadequate Traditional network security cannot be directly applied Extensive new research is required Paper Topics Secure Systems and Challenges Network Security Services Future Research Challenges 5 A Secure System Security Challenges for a secure WSN system include Key Establishment and Trust Setup Secrecy and Authentication Privacy Robustness to Communication Denial of Service Secure Routing Resilience to Node Capture 6 Key Establishment and Trust Setup 7 Establishment of Cryptographic Keys Public key primitives overhead limited computation Need to be able to scale for thousands of nodes Key setup between individual nodes Potential Solutions Network wide shared key Establish link keys through initial shared key Preconfigured symmetric link keys Bootstrapping keys Random key predistribution pools Hardware support for public key crypto Secrecy and Authentication WSNs must provide protection against eavesdropping injection and modification Cryptography is standard defense End to end High level of security Requires key management Link layer Easier and more common to deploy Still allows intermediate node threat Hardware and Software based HW cost vs SW computation Performance and packet size challenges Cryptography increases packet sizes 8 Privacy Sensor networks pose potential privacy concerns Secret surveillance Spying Smaller devices are easier to conceal Surveillance deployments increase as cost goes down Many potential il legitimate uses cases Tracking of people and vehicles Data collection analysis distribution May need new laws to address potential issues 9 Robustness to Com DoS DoS can severely limit value of WSNs Potential Attacks High energy broadcasts Link layer violation RTS CTS Counter measures Spread spectrum radios Routing around 10 Secure Routing Data forwarding key service in WSNs Malicious routing information can be injected Simple routing authentication Secure routing challenges Replay attacks Node capture Need more research in this area 11 Resilience to Node Capture One of the most challenging security aspects of WSNs Physical security often neglected Accessible deployments Adversaries may capture nodes Extract crypto keys Reprogram Replace Counter Measures Tamper resistance Replicated network state voting cross checking Redundancy 12 Network Security Services High level Security Mechanism for WSNs Secure Group Management Data analysis and aggregation by groups Intrusion Detection Fully distributed decentralized IDS Secure Data Aggregation Common in WSNs Random node sampling for threats 13 Research Challenges WSN system research generally more challenging than traditionally wireless networks What could help Architect security solutions in new research Single administration domains to simplify threat model Utilize characteristics of WSNs Redundancy Scale Collective computation Needed solutions Toleration of the lack of physical security Individual node computation restrictions 14 Paper 2 WSN Security Analysis Wireless Sensor Networks Motivations Diverse application domains Dense deployments Perform many applications Signal processing Computation Self configuration Scalable robust long living Paper Topics WSN Architecture WSN Security Threat Analysis Counter Measures 15 network scheduling communication between devices i e configu management of the routing tables and monitoring and reporting network 16 WSN Architecture Security manager The Security Manager is responsible for the gene management of keys Sensor Nodes Field Devices Sensor Processing Routing Gateway Access Point Access to host application Network Manager Configuration Scheduling Monitoring Security Manager Key management Figure 1 WSN Architecture 3 WSN SECURITY ANALYSIS Simplicity in Wireless Sensor Network with resource constrained nodes ma WSN Security Threat Analysis Simplicity can potentially increase vulnerability Many potential attacks Will cover the classifications next Must provide various security properties Confidentiality Integrity Authenticity Availability This paper covers a very comprehensive potential threat matrix Even though this paper focuses on WSNs many of these attacks apply to other wireless networks and security 17 WSN Security Threats 1 Denial of Service 1 2 3 4 Jamming Tampering Collision Exhaustion Unfairness Neglect Greed Homing Spoofing Black Holes Flooding Flooding De synchronization 2 Interrogation 2 3 Sybil 1 2 3 Multiple Identities or places at once Data Aggregation Voting Multiple Identities 4 5 6 7 8 9 Wormholes 3 Sinkholes 3 Manipulating Routing Info 3 Selective Forwarding 3 HELLO Flood 3 Acknowledgement Spoofing 18 10 Cloning 5 11 Impersonation Replication 12 Eavesdropping 13 Traffic Analysis 14 Mote Class Insider Threat 15 Invasive Probing Reversing 16 Non Invasive Side Channel 17 Laptop Class Passive Eavesdropping Traffic Injection 18 Attack on Protocol Key Management Reputation Assignment Scheme Data Aggregation Time Synchronization Intrusion Detection Systems WSN Counter Measures Threat Counters Methodologies Outsider Attacks and Link Layer Security Sybil HELLO Flood Wormholes Sinkholes Leveraging Global Knowledge Selective Forwarding Authenticated Broadcast Flooding OSI Layer Wise Threats 19 WSN Counter Measures 2 20 Outsider Attacks and Link Layer Security Majority prevented by link layer encryption