Security in WSN

A sensor network is composed of a large number
of sensor nodes, which are densely deployed
either inside the phenomenon or very close to it.

A heterogeneous system combining tiny
sensors and actuators with general-purpose computing elements. Most
consist of hundreds or thousands of low-power, low-cost nodes deployed to monitor
and affect the environment.

Introduction cont
WSN are used to collect data from the
They consist of a large number of sensor nodes
and one or more Base Stations.
The nodes in the network are connected via
wireless communication channels.
Each node has the capability to sense data,
process the data and send it to the rest of the
nodes or to the Base Station.
These networks are limited by the node
battery lifetime.

Sensor nodes are small, low-cost, low-power devices that have the following

communicate on short distances
sense environmental data
perform limited data processing

Network usually also contains a sink
node which connects it to the outside

Architecture of Wireless
Sensor Networks

Sensor Node
Base Station

Sensor networks VS ad
hoc networks
The number of nodes in a sensor network can
be several orders of magnitude higher than the
nodes in an ad hoc network.
Sensor nodes are densely deployed.
Sensor nodes are limited in power,
computational capacities and memory.
Sensor nodes are prone to failures.
The topology of a sensor network changes
Sensor nodes mainly use broadcast, most ad
hoc networks are based on p2p.
Sensor nodes may not have global ID.

Applications of
Sensor networks
Military Applications
Ocean and wildlife monitoring.
Monitoring of manufactured
Building safety.
Earthquake monitoring.
Variety of military applications.
Medical monitoring and

Routing protocols
Wireless sensor network routing
protocols can be classified into
following categories.
1. Direct communication
2. Flat protocols (Multihop)
3. Hierarchical Routing Protocols
4. Location Based Routing
5. QoS Based Routing

Routing Protocols


Direct Communication

Hierarchical Routing

Cluster Head

Network Based Security

Network based security can be mainly characterized as

1) Security for fundamental services:
ISA for a node will store a reputation factor for all neighboring nodes and, depending on
the reputation, it will forward a packet to that node.

2) Secure routing:
A routing algorithm which calculates link costs by considering available energy, distance
and bandwidth will be best suited to cost- and energy-efficient operation.

3) Security in key management:
Among all key distribution schemes available right now, key pre-distribution is the most
appropriate for WSN.

4) Cryptography:
WSN also requires various authentication and encryption mechanisms but of different

5) Intrusion detection:
To understand how cooperating adversaries might attack the system.

Design goal of WSN

Various design goals of WSN security are
1) Robust designs:
Design should have minimum software bugs.
2) Component based security:
Some kind of security measures must be provided to all the components of a system
as well as to the network.
3) Adaptive security:
Depending on traffic characteristics and environment they have to adapt themselves.
4) QoS with security:
Existing security designs can address only a small, fixed threshold number of
compromised nodes; the security protection completely breaks down when the
threshold is exceeded.
5) Realistic design:
Trace analysis for all kinds of practical attacks possible for a particular real time

Requirements for WSN

Data Confidentiality: omission of data
leaks to neighboring networks.
Data Authentication: verification of
Data Integrity: non altered transmission
of data.
Data Freshness: ensuring data is
recent while allowing for delay estimation.

Why security is different in WSN?

Sensor Node Constraints
Battery (2xAA)
Processing power (8 MHz)
Memory (<128KB Flash and <4KB RAM)
Energy Usage
3V x (20 to 30)mA, 1.8V x (1 to 10)mA

Networking Constraints

Ad hoc

Security issues in WSN

The discussed applications require communication in
WSN to be highly secure
Main security threats in WSN are:

Radio links are insecure: eavesdropping / injecting
faulty information is possible
Sensor nodes are not tamper resistant: if a node is
compromised, the attacker obtains all security information

Attacker types:

Mote-class: attacker has access to some number of
nodes with similar characteristics / laptop-class:
attacker has access to more powerful devices
Outside (discussed above) / inside: attacker
compromised some number of nodes in the network

Attacks on WSN
Main types of attacks on WSN are:

spoofed, altered, or replayed routing information

selective forwarding
sinkhole attack
sybil attack
HELLO flood attacks
acknowledgment spoofing

Attacks on sensor nets

Spoofed, altered, or replayed routing information

Create routing loops, attract or repel network traffic,
extend or shorten source routes, generate false error
messages, etc.

Selective forwarding

Either in-path or beneath path by deliberate
allows to control which information is forwarded. A
malicious node acts like a black hole and refuses to
forward every packet it receives.

Sinkhole attacks

Attracting traffic to a specific node, e.g. to prepare
selective forwarding

Sybil attacks

A single node presents multiple identities, which allows it to
reduce the effectiveness of fault tolerant schemes
such as distributed storage and multipath etc.

Wormhole attacks

Tunneling of messages over alternative low-latency

to confuse the routing protocol, creating sinkholes

An Example
Avg Temp
Avg X = (x1 + ... + xn) / n
Computing the average temperature

An Example + an attack

Result is drastically affected

Avg Temp
Avg X = (x1 + ... + xn) / n
Computing the average temperature
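
The averaging example under attack, worked through as an added illustration (not part of the original slides): it counts how many compromised nodes each aggregate tolerates before the reported temperature moves by more than one degree. The readings, the bogus value, and the median and trimmed-mean alternatives are assumptions chosen for the demonstration.

```python
from statistics import mean, median

# Constructed sample: ten honest temperature readings in degrees Celsius.
HONEST = [21.0, 21.4, 20.8, 21.1, 21.3, 20.9, 21.2, 21.0, 21.5, 20.7]
BOGUS = 1000.0  # value reported by every compromised node (constructed)


def trimmed_mean(values, trim_percent=20):
    """Mean after discarding the lowest and highest trim_percent of values."""
    ordered = sorted(values)
    cut = len(ordered) * trim_percent // 100
    return mean(ordered[cut:len(ordered) - cut])


AGGREGATORS = {"mean": mean, "median": median, "trimmed_mean": trimmed_mean}


def shift(aggregate, honest, compromised, bogus=BOGUS):
    """Change in the aggregate when `compromised` nodes report `bogus`
    instead of their real reading (network size stays constant)."""
    tampered = honest[compromised:] + [bogus] * compromised
    return abs(aggregate(tampered) - aggregate(honest))


def breakdown_point(aggregate, honest, tolerance=1.0):
    """Smallest number of compromised nodes that moves the result by more
    than `tolerance` degrees, or None if no number of nodes does."""
    for k in range(1, len(honest) + 1):
        if shift(aggregate, honest, k) > tolerance:
            return k
    return None


def report():
    return {name: breakdown_point(fn, HONEST) for name, fn in AGGREGATORS.items()}


if __name__ == "__main__":
    for name, k in report().items():
        print(f"{name:13s} breaks down at {k} compromised node(s) out of {len(HONEST)}")
```

Every aggregate still has a fixed threshold of compromised nodes beyond which it fails, which is the limitation stated under "QoS with security" above.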

False routing information

Injecting fake routing
control packets into
the network,
examples: attract /
repel traffic,
generate false error
routing loops,
increased latency,
decreased lifetime of
the network, low

Example: captured node attracts
traffic by advertising shortest path
to sink, high battery power, etc.

Selective forwarding
Multi hop paradigm is prevalent in WSN
It is assumed that nodes faithfully forward
received messages
Compromised node might refuse to
forward packets, however neighbors
might start using another route
More dangerous: compromised node
forwards selected packets

Sinkhole and Sybil attacks

Sinkhole attack:

Idea: attacker creates metaphorical sinkhole by
advertising for example high quality route to a base
Laptop class attacker can actually provide this kind of
route connecting all nodes to real sink and then
selectively drop packets
Almost all traffic is directed to the fake sinkhole
WSN are highly susceptible to this kind of attack
because of the communication pattern: most of the
traffic is directed towards sink, a single point of failure

Sybil attack:

Idea: a single node pretends to be present in different
parts of the network.
Mostly affects geographical routing protocols

Idea: tunnel packets
received on one part of
the network to another
Well placed wormhole
can completely disorder
Wormholes may
convince distant nodes
that they are close to
sink. This may lead to
sinkhole if node on the
other end advertises
high-quality route to

Wormholes (cont.)
Wormholes can exploit routing race conditions, which
happen when a node takes routing decisions based on
the first route advertisement
Attacker may influence network topology by
delivering routing information to the nodes before it
would really reach them by multi hop routing
Even encryption cannot prevent this attack
Wormholes may convince two nodes that they are
neighbors when in fact they are far away from each
Wormholes may be used in conjunction with Sybil

HELLO flood attack

Many WSN routing
protocols require nodes
to broadcast HELLO
packets after
deployment, which is a
sort of neighbor
discovery based on
radio range of the node
Laptop class attacker
can broadcast HELLO
message to nodes and
then advertises high-quality route to sink
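
A small simulation of bidirectional link verification, which these slides list further on as a countermeasure to HELLO floods. It is an added example, not from the original deck; the node layout, radio ranges and all function names are constructed for illustration.

```python
import math
from dataclasses import dataclass, field


@dataclass
class Node:
    name: str
    x: float
    y: float
    tx_range: float                      # how far this node's own radio carries
    neighbors: set = field(default_factory=set)


def hears(receiver, sender):
    """True if `receiver` lies inside `sender`'s transmission range."""
    return math.dist((receiver.x, receiver.y), (sender.x, sender.y)) <= sender.tx_range


def discover_naive(nodes):
    """Every HELLO that is heard creates a neighbor entry (one-way check)."""
    for rx in nodes:
        rx.neighbors = {tx.name for tx in nodes if tx is not rx and hears(rx, tx)}


def discover_verified(nodes):
    """A HELLO creates a neighbor entry only if a challenge sent back on the
    node's own radio can reach the sender, i.e. the link works both ways."""
    for rx in nodes:
        rx.neighbors = {tx.name for tx in nodes
                        if tx is not rx and hears(rx, tx) and hears(tx, rx)}


def build_network():
    # Constructed topology: four motes 10 m apart with 12 m radios, plus a
    # distant sender "X" whose transmitter covers the whole field.
    motes = [Node(f"m{i}", 10.0 * i, 0.0, 12.0) for i in range(4)]
    return motes + [Node("X", 100.0, 0.0, 200.0)]


def run(discover):
    """Neighbor tables of the motes after running the given discovery."""
    net = build_network()
    discover(net)
    return {n.name: n.neighbors for n in net if n.name != "X"}


if __name__ == "__main__":
    print("naive   :", run(discover_naive))
    print("verified:", run(discover_verified))
```

The check proves only that the node's own transmission reaches the sender, so it does not filter out a sender that can also receive the node's weak signal.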

Acknowledgment spoofing
Some routing protocols
use link layer
Attacker may spoof acks
Goals: convince that
weak link is strong or that
dead node is alive.
Consequently weak link
may be selected for
routing; packets sent
through that link may be
lost or corrupted

Overview of
Link layer encryption prevents majority of attacks:
bogus routing information, Sybil attacks,
acknowledgment spoofing, etc.
This makes the development of an appropriate key
management architecture a task of a great
Wormhole attack, HELLO flood attacks and some
others are still possible: attacker can tunnel
legitimate packets to the other part of the network or
broadcast large number of HELLO packets
Multi path routing, bidirectional link verification can
also be used to prevent particular types of attacks
like selective forwarding, HELLO flood
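
How a keyed link layer rejects spoofed, altered and replayed routing frames, and how a frame counter provides the data freshness listed under the requirements: an added example, not from the original slides. It covers authentication, integrity and freshness only (no confidentiality); HMAC-SHA256 from the Python standard library stands in for whatever MAC a real mote would use, and the frame layout, key and names are assumptions.

```python
import hashlib
import hmac
import struct

HEADER = struct.Struct(">HI")   # sender id (2 bytes) + frame counter (4 bytes)
TAG_LEN = 8                     # truncated tag length, assumed for small frames


def _tag(key, header, payload):
    return hmac.new(key, header + payload, hashlib.sha256).digest()[:TAG_LEN]


def seal(key, sender_id, counter, payload):
    """Build header | payload | tag for one link-layer frame."""
    header = HEADER.pack(sender_id, counter)
    return header + payload + _tag(key, header, payload)


class Receiver:
    def __init__(self, link_keys):
        self.link_keys = link_keys   # sender id -> key shared with that neighbor
        self.last_counter = {}       # sender id -> highest counter accepted so far

    def accept(self, frame):
        """Return the payload if the frame is authentic and fresh, else None."""
        if len(frame) < HEADER.size + TAG_LEN:
            return None
        header, payload, tag = frame[:HEADER.size], frame[HEADER.size:-TAG_LEN], frame[-TAG_LEN:]
        sender_id, counter = HEADER.unpack(header)
        key = self.link_keys.get(sender_id)
        if key is None:
            return None              # identity with no established key
        if not hmac.compare_digest(tag, _tag(key, header, payload)):
            return None              # spoofed or altered in transit
        if counter <= self.last_counter.get(sender_id, -1):
            return None              # replay of an old frame
        self.last_counter[sender_id] = counter
        return payload


def demo():
    key = b"constructed-16B!"        # constructed sample key
    rx = Receiver({1: key})
    advert = b"ROUTE sink cost=3"    # constructed routing advertisement
    genuine, later = seal(key, 1, 1, advert), seal(key, 1, 2, advert)
    altered = later[:-TAG_LEN - 1] + b"1" + later[-TAG_LEN:]   # cost=3 -> cost=1
    return {
        "genuine": rx.accept(genuine),
        "replayed": rx.accept(genuine),
        "altered": rx.accept(altered),
        "wrong_key": rx.accept(seal(b"not-the-link-key", 1, 3, advert)),
        "unknown_id": rx.accept(seal(key, 7, 1, advert)),
        "next": rx.accept(later),
    }
```

A frame tunnelled unmodified through a wormhole still carries a valid tag and an unused counter, so this check accepts it, in line with the slide's remark that wormhole attacks remain possible.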

Key management
The protocol must establish a key between
all sensor nodes that must exchange data
Node addition / deletion should be supported
It should work in undefined deployment
Unauthorized nodes should not be allowed to
establish communication with network nodes

Key management:
Sensor node constraints:

Battery power
Computational energy consumption
Communication energy consumption

Transmission range
Tamper protection
Sleep pattern

Network constraints:

Ad-hoc network nature

Packet size

architecture of sensor

Combine power and
routing awareness
Integrates data with
networking protocols
Communicates power
efficiently through the
wireless medium
Promotes cooperative
efforts among sensor

Physical layer:

Address the needs of simple but robust
modulation, transmission, and
receiving techniques.
frequency selection
carrier frequency generation
signal detection and propagation
signal modulation and data encryption.

Propagation Effects
Minimum output power
(d^n, 2 <= n < 4)
Ground reflect: Multihop in dense
sensor network
Power Efficiency Modulation Scheme
M-ary Modulation scheme
Ultra wideband(impulse radio)

Open research issues
Modulation schemes
Strategies to overcome signal
propagation effects
Hardware design: transceiver


Data link layer:

The data link layer is responsible for the
multiplexing of data stream, data frame
detection, the medium access and error
Medium Access Control
Power Saving Modes of Operation
Error Control

Medium access control
Creation of the network infrastructure
Fairly and efficiently share
communication resources between
sensor nodes
Existing MAC protocols (Cellular System,
Bluetooth and mobile ad hoc network)

MAC for Sensor Networks
Self-organizing medium access control for sensor
networks and Eaves-drop-and-register Algorithm
CSMA-Based Medium Access
Hybrid TDMA/FDMA-Based

Power Saving Modes of Operation
Sensor nodes communicate using short
data packets
The shorter the packets, the more
dominance of startup energy
Operation in a power saving mode is energy
efficient only if the time spent in that mode
is greater than a certain threshold.


Error Control

Error control modes in Communication Networks
Forward Error Correction (FEC)
Automatic repeat request (ARQ)
(additional retransmission energy cost)
Simple error control codes with low-complexity
encoding and decoding might present the best
solutions for sensor networks.

Open research issues
MAC for mobile sensor networks
Determination of lower bounds on
the energy required for sensor
network self-organization
Error control coding schemes.
Power saving modes of operation

Network layer:
Power efficiency is always an important
Sensor networks are mostly data centric.
Data aggregation is useful only when it does
not hinder the collaborative effort of the
sensor nodes.
An ideal sensor network has attribute-based
addressing and location awareness.


Energy Efficient

Maximum available power (PA) route: Route 2
Minimum energy (ME) route: Route
Minimum hop (MH) route: Route 3
Maximum minimum PA node route: Route 3
Minimum longest edge route: Route 1

Sinks broadcast the interest
Sensor nodes broadcast the advertisements
Attribute-based naming
The areas where the temperature is over 70°F
The temperature read by a certain node

Data aggregation

Solve implosion and overlap

Aggregation based on same
attribute of phenomenon
Specifics (the locations of
reporting sensor nodes)
should not be left out

Open research issues
New protocols need to be developed to
address higher topology changes and higher
New internetworking schemes should be
developed to allow easy communication
between the sensor networks and external

Transport layer:

This layer is especially needed when the
system is planned to be accessed through
the Internet or other external networks.
TCP/UDP type protocols meet most
requirements (not based on global
Little attempt thus far to propose a scheme or
to discuss the issues related to the transport
layer of a sensor network in literature.

Open research issues
Because acknowledgments are too
costly, new schemes that split the
end-to-end communication probably
at the sinks may be needed.

Application layer:
Management protocol makes the hardware
and software of the lower layers
transparent to the sensor network
management applications.
Sensor management protocol (SMP)
Task assignment and data advertisement
protocol (TADAP)
Sensor query and data dissemination
protocol (SQDDP)

Sensor management protocol (SMP)
Introducing the rules related to data aggregation, attribute-based
naming, and clustering to the sensor nodes
Exchanging data related to the location
finding algorithms
Time synchronization of the sensor nodes
Moving sensor nodes
Turning sensor nodes on and off
Querying the sensor network configuration and the status of
nodes, and reconfiguring the sensor network
Authentication, key distribution, and security in data

