Analysis of Security Protocols for Wireless Sensor Networks
Fasee Ullah, Masood Ahmad, Masood Habib, Jawad Muhammad
Department of Computer Sciences
City University of Science & Information Technology
Peshawar, Pakistan
faseekhan@gmail.com, masood.ahmadpk@yahoo.com, masoodshalmani@gmail.com, jadoo_84@yahoo.com
Abstract—Sensor network is one of the authoritative leading
technology of current century. Security is the main concern for
everything whether it is for wired based networks or wireless
based networks. So far, many of the researches have thought to
physically implement the sensor nodes and sensor networks for
secure communications but they did not think over it for
security perspective.
Sensor network works in very resource constraint environment.
Due to these security reasons, we present various protocols to
provide the basic needs of data security that are:
confidentiality, authentication, freshness and authenticated
broadcasting because this broadcasting requires some
techniques or protocols to securely communicate with other
sensor node(s). Other issues in sensor networks are power
management, computation overhead and low memory capacity.
Keywords- Sensor; Security Protocols; SPINS; LEAP;
TinySec;
I. INTRODUCTION
Wireless Sensor Network (WSN) consists of a group of
sensors called nodes, interconnected with each other [1].A
sensor is a device that has sensing and receiving capability
to sense and receive a signal and react to that signal in
individual manner. Sensor network comprises multiple signal
detection nodes titled as sensor nodes [2]. Each node is
smaller in size and communicates with other nodes in short
range distance. Sensor node requires high power to process
routine data for various decision making purposes.
Sometimes Wireless Sensor Networks (WSNs) are also
known as Distributed Wireless Sensor Networks (DWSNs)
because all the nodes are scattered in different areas
according to the application requirements. Sensor networks
can be deployed for health monitoring, various industrial
usages, air traffic monitoring, under water sensing and robot
sensing control. Sensor technology is one of the cheapest
technologies to provide security in very restrictive
environments. These kinds of technologies are gaining
popularity day by day due to best efficiency of security and
low cost. Therefore, various protocols and techniques have
been studied to provide enough security mechanisms to
adjust the requirements of sensor networks, for example, data
exchange between two parties for authentication,
confidentiality, integrity and also provides broadcast
authentication of information.
___________________________________
978-1-61284-840-2/11/$26.00 ©2011 IEEE

This rest of the paper is divided into different sections as
follows: Literature review shows in section II while critical
review depicts in section III and finally the conclusion with
future work in this paper has been presented.
II. LITRATURE REWIEW
Some security protocols have been reviewed; each one
has its own communication mechanism between node and
Base Station. In large communication networks collecting
information securely is challenging.
SIA [3] (Secure Information Aggregation from Sensor
Network) defines a method of how to query from sensor and
collects information. Sometimes remote users give query to
return the appropriate result(s) of all raw collected data of
each sensor, so sensor does not return the actual needed
query results and returns all the raw affected data. Therefore,
it is necessary to process all the queries locally and sends
back to remote users. It requires some specific setting for
dedicated nodes in the sensor network, called aggregators
[3]. According to author, he proposed a framework which is
called "aggregate-commit-prove [3] “. In this framework,
the aggregate is not only to perform the correct task but also
provides the confidentiality of “prove of valid task”. To
encrypt the sensed information uses commit approach.
Some weaknesses of this proposed frame works is
Denial-Of-Service (DOS) attack and stealthy attack. In
stealthy attack, an adversary creates false perception of
results to show the user as valid information although this
result is not correct according to the measured values. The
weakness of this paper is also availability of low resources
for sensor such as memory, computation capability and low
power capacity.
This strength of this paper is to calculate and finds out the
relevant information queried by users. The proposed
framework is efficient for information gathering and
verification.
Scalability is another issue for wireless based networks
when network grows gradually. Various researches have
been done but the best solution is provided by [4].
In [4], author proposed a model for scalability. This
model is especially designed for security and reliability of
sensor network. The primary focus of the writer of this
report is on the scalable security of sensor network topology
and also presents some core sub networks with protection
whenever tampering occurs in it. The scalable security
model is divided into two categories (a) Core Sensors and (b)
Additional Sensors. These two security model are used for
scalability purposes.
Threats can be of two types: human and environmental.
The vulnerability of this paper according to the author is
that the threats can generate in gathered information of an
organization. This kind of threat attack is to take
information during processes. The strength for these kinds
of attacks is: one should properly define the security tier of
threats and should calculate the probability level of
accidence. Some major weaknesses are: events, physical
interface, key management, correct information gathering,
hardware and software issues etc.
The strength of core sensors has high computation, high
bandwidth and high battery capability. The major weakness
of additional sensors is: limited computation power, low
battery, short distance range and small in size as compared
to the core sensor. This model is not efficient because it
creates a lot of overhead during authentication, key
management etc.
IEEE 802.15.4 sensors define “both physical (PHY) and
Medium Access control (MAC) specification [5]”.
MAC protocol is placed on the top of physical layer. The
principal subject of this adopted protocol is how to access
the path of the available paths throughout the network
without any misbehave. The most important goal of MAC is
to focus on energy efficiency in sensor networks. Sensor
network MAC in the recent study indicates that there is no
clear converging style available towards best solution of
medium access for sensor networks. One of the early
encouraging steps towards sensor network architecture is
Polastre et al. Sensornet Protocol (SP) [6]. This SP occurs
between network layer and data link layer and provides an
acceptable and standardized interface for MAC protocol.
The basic function of SP is to process the data which is
occurred at each node and not at the end points. The
strength of MAC protocol during communication is:
• Must filter all incoming messages
• Must be guaranteed with flawless messages
• Must detect congestion in advance when it is
Occurring
• Must schedule to avoid overlapping
The vulnerability of MAC at data link layer is to waste
energy such as collision and wastage of bandwidth, packet
overhead.
According to security issues, MAC must provide
protection against eavesdropping and malicious threats. This
is the strength of MAC.
TinySec [7] protocol requires low computation power
available for sensors. This protocol is freely available in
TinyOS. This is platform independent. Developers can use
easily for sensor network applications. The experimental
results on a 36 nodes network deployed to show link layer
protocol feasible because of low overhead.

One question arises in mind why Link layer security is
important for sensor network because sensor network
processes the information in network such as data
aggregation, to remove data duplication, traffic overhead
and to save energy.
In end-to-end system delivery of packets, there are
weaknesses due to some security threats such as Denial Of
Service (DOS) attack. Integrity of a message is checked at
the destination point to know the status of the packet
whether it has reached safely or not if the adversary has
injected some packets before reaching to the destination so
this kind of attack is just wasting the resources of network
such as bandwidth and power consumption of a sensor node.
The strength of this protocol is to detect the unauthorized
and injected packets before reaching to destination at the
link layer. TinySec gives two security protocols (i)
“Authenticated encryption (TinySec-AE) (ii) authentication
only (TinySec-Auth) [7]”. In the first case, the actual data is
encrypted and authenticates with the MAC. In the second
case, the full packet is authenticated with MAC but the
actual/payload data is not encrypted.
MAC also provides best security mechanism but security
mechanism strength of TinySec has its own style with low
overhead because sensor nodes have less storage capacity
and less power availability.
This security protocol model is very flexible in manner to
provide link layer security.
The strength of LEAP [8] protocol is to solve key
management issues in-network processing. Four types of
keys used for each sensor node, they are: “an individual key
shared with the base station, a pairwise key shared with
another sensor node, a cluster key shared with multiple
neighboring nodes, and a group key that is shared by all the
nodes in the network [8]”.
In Individual key distribution, each node has assigned a
unique key that unique key is shared with pairwise to the
base station for secure communication between Base station
and node.
In Pairwise key distribution every node shares its
pairwise key with its each immediate node in network. This
pairwise key is used for privacy and source authentication.
Cluster keys are smaller than group keys. This cluster key is
shared with each node and each node should share this key
with its all neighbors. The purpose of key is to secure the
message broadcast locally.
Group keys are globally defined where each group
member node can access and share its messages. This kind
of key is used between Base station and group member
nodes. The Base station simply broadcast the message to the
group nodes.
The strength of this protocol is to keep low overhead
during key management because sensor nodes and Base
station work on totally keys (shared keys). The weakness of
this protocol is only for sensor nodes because of again low
memory capacity, low storage, and low computation process
but these are not for Base station because Base station
broadcast, store and authenticate the sensor nodes
information.
MiniSec [9] is another security protocol. The strength of
this protocol is to secure the network layer. This is the first
and generally implemented security protocol with Telos
sensore motes. It has facilities of both world such as low
energy consumption and high security. It has two operating
methods, single source based communication is the first
method while the second method is based on broadcast
multi source communication channels. This single-source
communication is called Unicast (MiniSec U)
communication while multi-source broadcast
communication is called Broadcast (MiniSec B). Both
security schemes use OCB (Offset Code Book) method to
give authenticated encryption. The working order OCB
scheme as under:
Suppose M is message of variable length and it needs to
be encrypted and H is ordinary message header. Both M and
H need to be authenticated where K is the encryption key
and N is no-repeating value. If the value of N is repeated so
it will be considered as a birthday attack. First OCB takes M,
K, N and generates cipher text core C. At the same time,
OCB uses M plaintext message, C, H and generates a tag of
length τ. The final output of OCBK(N;M;H) is the tuple
(C;tag) [9]. To decrypt this encrypted message on the
receiver side, the receiver will have to do reverse process.
Unicast uses for single node communication while
Broadcast uses for broadcasting or multicasting group of
nodes.
The strength of this protocol is publicly available in
implemented form with low energy consumption and high
security. There is a weak point when large packets are
sending by RF (Radio Frequency), requires high energy
consumption.
The strength of SDAP [10] protocol is data aggregation
hop by hop. This aggregation is one of the most important
approaches to reduce communication overhead and also to
reduce energy consumption during processing of data in
sensor network. In this study, the proposed protocol for
sensors to securely collect the data in sensor network is
called SDAP [10]. This protocol is generally one to secure
data aggregation protocol can apply in multiple groups.
The design principle of protocol is “divide-and-conquer
and commit-and-attest [10]”. It uses probabilistic group
technique in which the whole network is divided
dynamically and the nodes create like a tree topology of
multiple logical groups and subgroups. In group aggregation
of hop by hop data collection is based on the commitment.
The base station then finds out the suspicious groups based
on its group aggregated and finally finds out the suspicious
participates in the group aggregate in the attestation process.
In general, some sensors sense ordinary phenomena to
report back to the Base station (default root) which creates
communication overhead (bandwidth wastage) and energy
consumption. So to reduce data redundancy, divide the
sensor network into groups (tree topology) to verify the

local sensed data before sending to the Base Station. In tree
hierarchy, one will be superior root node of their child node
and one will be default root node of all superior nodes,
which can call Base Station. It contains some weaknesses
that the attack cannot be detected or prevented due to
physical tampering with sensor nodes. In this attack, an
adversary can gain valuable information (e.g. cryptographic
keys) from a compromised node and reprogram it with some
malicious code and it creates a lot of difficulties during
exchange of information in-network such as computation
overhead, power management and memory etc.
This protocol is best during communication with outside
network because no one can enter the network without
physically tempering with it.
LiSP [11] protocol is especially designed for key
distribution purposes. The strength and novel approach of
this security protocol is to (a) rekeying without the need of
acknowledgement or retransmission (b) authenticate each
key disclosure without any additional process (c) detect or
recover any lost key (d) key refreshment without disturbing
ongoing data encryption or decryption and (e) robustness to
inter node clock skew (means to synchronized the clock for
transmission). Due to above said features of protocol
becomes feasible for security.
The proposed architecture presented in “PEG [11]”
(Pursuit Evasion Game), mainly used for connecting Sensor
and other used for connecting Pursuers. For Pursuers, don’t
have any resource limitation and have same radio
transceiver as sensors and also have powerful RF (Radio
Frequency) to communicate with other pursuers. For Sensor
network, “data collection nodes [11]” have to store the event,
process and make available this event data for pursuers.
Data collection node is also called Group Head (GH). The
function of GH in the sensor network is (a) to collect the
different sensed data from events (b) to send or receive data
between pursuers and sensors network.
The vulnerability of this protocol is that it doesn’t believe
on keys security. For security measurement, Intrusion
Detection (ID) system is second option for security. ID
system is used to monitor the anomalies and ongoing traffic
in network.
Main consideration in security of sensor nodes, sensor
network and Base Station are based on SPINS [12] (Security
Protocol for Information via Negotiation) protocol. The
strength of this security protocol is low computation
overhead and provides best security elements and have been
accepted all over the world because they could be easily
implemented on other sensor networks but again the same
weaknesses of this protocol is low power management.
Actually researchers have implemented the sensor nodes but
they did not think for power and memory vulnerability. This
vulnerability has been handled for some interval. This
protocol is used to secure the communication channels from
active and passive attacks and offer two set of protocols
“SNEP and TESLA [12]”.
 SNEP [12] (Secure Network Encryption Protocol)
protocol is used for two party data authentication, data
confidentiality and data integrity. TESLA [12] is micro
version of TESLA. TESLA (Micro Timed Efficient Stream
Loss tolerant Authentication) is responsible for
authenticated broadcast [12]. These two security block uses
symmetric encryption algorithms.
The strength of SNEP [12] protocol provides secure end-
to-end communication. The major achievements of this
protocol are data confidentiality, two party data
authentication, integrity, replay protection and weak
message freshness. Message authentication and integrity can
achieve through Message Authentication Code (MAC).
Wireless communication is totally based on broadcasting
of data. This broadcasting requires some secure
communication channels or protocol(s) to provide surety of
secret data without any tampering by an adversary during
transmission process. This is achieved by μTESLA [12].
Base station and sensor nodes must be loosely time
synchronized and each node has information of upper bound
on maximum time synchronization error.
The strength of SNEP [12] protocol is to securely
communicate between two nodes and securely broadcast by
μTESLA [12]. In weaknesses, there is no fixed topology
infrastructure but these two security protocols provide
enough security in any dense environments.
III. CRITICAL REVIEW
In the literature review, we have seen all the proposed
solutions with their separate merits and demerits. In the
critical review section, we will depict tabular representation
of the previous studied protocols or models in the literature
review section with their complete detailed information as
shown in table 1.
This detail information will provide a brief description
about the security services, threats concerns, reliability of
sensor nodes, sensor network and also gives some
information to care in future.

TABLE I. SUMMARY OF VARIOUS DISCUSSED TECHNIQUES IN LITERATURE REVIEW

Author(s) Name of Summary Identified Proposed Benefits/ Data Implemented Limitation

proposed problem(s) Solution used
technique
Bartosz Remote user gives Once Base Station/ Adversary creates false
Przydatek, SIA: query and returns the aggregator perception of results to
Dawn Song, Secure appropriate result of compromised by The proposed framework show the user as valid
Adrian Perrig Information available raw collected attacker can is Aggregate-Commit- Yes No information although this
2003 Aggregation in data perform denial-of- Prove result is not correct
Sensor Networks service and according to the
Stealthy attack measured values.
This model is designed
for security of sensor threats can
network as well as for generate in It may damage
B. reliability. Main focus gathered high computation, high security systems and
Ksiopolski, Scalable Security of is on the scalable information of an bandwidth and high compromise of
Yes No
Z. Kotulski model security of sensor organization & battery capability availability,
2005 network topology and take information confidentiality,
also presents some during process integrity, non-
core sub networks repudiation, authenticity
with protection
MAC provides the The issue of MAC
Muneeb Ali, best path of given at data link layer is MAC for sensor
SP occurs between
Umar Saif, paths through out the to waste energy networks have no clear
network layer and data
Adam SP: sensor network such as collision directions and solution
link layer and provides
Dunkels, Sensor network without any and wastage of Yes No for energy efficiency,
an acceptable and
Thiemo Voigt, Protocol misbehave but MAC bandwidth, packet eavesdropping,
standardized interface
etc has problem of overhead. malicious behavior etc
for MAC protocol
2006 wastage of resources

Sensor networks End-to-end

process the attacks such as Proposed security Existing schemes are
TinySec: A Link
Chris Karlof, information in denial-of-service protocols are inadequate such as
Layer Security
Naveen network such as data attack & integrity Authenticated encryption IPSec, SSL/TLS,
Architecture for
Sastry, aggregation, to remove (TinySec-AE) and Yes Yes and SSH because of high
Wireless Sensor
David Wagner data duplication, authentication only weight during processes
Networks
2004 traffic overhead and to (TinySec-Auth)
save energy

This protocol is Required a huge

deigned for sensor overhead for Key management was Aim of this protocol to
LEAP: Localized network to solve key verification solved by Individual solve different key issues
Sencun Zhu, Encryption and management issues in- processes in key, Pairwise Key, exchange during
Yes No
Sanjeev Setia, Authentication network processing network Cluster Key and Group communication
Sushil Jajodia Protocol and o observe different keys distributions. To
2003 types of protect different routing
communication paths


 messages between
sensor nodes

Provides to secure An adversary can Best solution to secure

Mark Luk, MinSec: sensor network at overhear, alter, hop-to-hop Problems in broadcasting
Ghita A Secure Sensor Network layer with intercept or may communication with low of messages with
Mezzour, Network basic properties: change message overhead by used of Yes Yes insecure channels need
Adrian Perrig, Communication authentication, replay because of MinSec U & MinSec B some protection
Virgil Gilgor Architecture protection, data messages need to techniques
2007 secrecy broadcast
SNEP (Secure Network This protocol uses
Encryption Protocol) symmetric approach for
Adrian Perrig, protocol is used for two en/de cryption while
Robert SPINS offers two set Some threats party data authentication, Asymmetric approach
Szewczyk, SPINS: of protocols SNEP and which enables to data confidentiality and uses for key distribution.
Victor Wen, Security μTESLA, Used to use this SPINS data integrity . TESLA but this approach is not
David Culler, Protocols for secure the protocol. The is micro version of Yes Yes providing enough and
J. D. Tygar Sensor Networks. communication identified problem TESLA. TESLA efficient security due to
2001 channels from active is Active and (Micro Timed Efficient resource limitations such
and passive attacks Passive threats Stream Loss tolerant as low memory, needs
Authentication) is used high battery life etc
and responsible for
authenticated broadcast

Computer Science and Network Security, VOL.10 No.10, October

IV. CONCLUSION AND FUTURE WORK
Security is the needs of everyone. Although this security
is implemented for logical sensing devices as well as for
physically used but every security has some merit and
demerit according to the nature of practice. Sensor network
is one of them to provide high flexibility, fault tolerance,
high sensing conformity and low cost. Due to these features
of sensors make many new techniques from existing
mechanism. Sensor network works in very dense
environment. These break environment needs some security
protocol to make sensor network feasible.
Sensor nodes use symmetric encryption technique with low
overhead but this technique is not providing enough security
as they needed. The second issue is in sensors are: low
memory capacity, short computation capability, and short
life battery. These issues make sensor node less secure.
Future work is mainly focused to replace or work out
in the existing techniques for security and also other than
security issues. Mission critical system requires high speed
response system for high red alert zones. For this
achievement, High Speed Wireless Sensor Network
(HSWSNs) is the only solution for critical security systems.
REFERENCES
[1] M.Ahmad, M.Habib, M.Z.Shah, F.Ullah, S.Hussain, “Energy Aware
Uniform Cluster-Head Distribution Technique for Hierarchal
Wireless Sensor Networks”, IJCSNS International Journal of
2010.
[2] F. Ullah, M. Amin, H. U. Ghaffar, “Simulating AODV and DSDV
For Adynamic Wireless Sensor Networks”, IJCSNS International
Journal of Computer Science and Network Security, VOL.10 No.7,
Pages 219-223, July 2010.
[3] B. Przydatek, D. Song and A. Perrig, “ SIA: Secure Information
Aggregation in Sensor Networks”, SenSys’03, ACM 1581137079,
November 5–7, 2003.
[4] B. Ksiopolski, Z. Kotulski, “On scalable security model for sensor
networks protocols”, CIB-W78 2005 22nd Conference Information
Technology in Construction, Dresden 19-21 July 2005.
[5] Medium Access Control Issues in Sensor Networks. ACM
SIGCOMM Computer Communication Review. Volume 36, Number
2, April 2006.
[6] J. Polastre, J. Hui, P. Levis, J. Zhao, D. Culler, S. Shenker, and I.
Stoica, “A unifying link abstraction for wireless sensor networks,” in
Proc. ACM SenSys’05, Nov. 2005.
[7] C. Karlof, N. Sastry, D. Wagner, “TinySec: A Link Layer Security
Architecture for Wireless Sensor Networks”, ACM SenSys 2004,
November 3-5, 2004.
[8] S. Zhu, S. Setia and S. Jajodia, “LEAP: Efficient Security
Mechanisms for Large-Scale Distributed Sensor Networks”,
SenSys’03, November 5–7, 2003, ACM 1-58113-707-9/03/0011.
[9] M. Luk, G. Mezzour, A. Perrig and V. Gligor, “MiniSec: A Secure
Sensor Network Communication Architecture”, ACM 978-1-59593-
638-7/07/0004IPSN'07, April 25-27, 2007.
[10] Y. Yang, X. Wang, S. Zhu, and G. Cao, “SDAP: A Secure Hop-by-
Hop Data Aggregation Protocol for Sensor Networks”, 2006 ACM 1-
59593-368-9/06/0005.
[11] T. PARK and KANG G. SHIN, “LiSP: A Lightweight Security
Protocol for Wireless Sensor Networks”, ACM Transactions on
Embedded Computing Systems, Vol. 3, No. 3, Pages 1–27, August
2004.
[12] A. Perrig, R. Szewczyk, V. Wen, D. Culler, J. D. Tygar, “SPINS:
Security Protocols for Sensor Networks”, Jun 1 2001 ACM.