Your SlideShare is downloading. ×
  • Like
Security in wireless sensor network
Upcoming SlideShare
Loading in...5
×

Thanks for flagging this SlideShare!

Oops! An error has occurred.

×

Now you can save presentations on your phone or tablet

Available for both IPhone and Android

Text the download link to your phone

Standard text messaging rates apply

Security in wireless sensor network

  • 3,321 views
Published

ppt includes various operational paradigms,their vulnerabilities & solutions of WSN

ppt includes various operational paradigms,their vulnerabilities & solutions of WSN

Published in Technology , Business
  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
  • hiiii
    Are you sure you want to
    Your message goes here
  • please send the presentation to me
    Are you sure you want to
    Your message goes here
No Downloads

Views

Total Views
3,321
On SlideShare
0
From Embeds
0
Number of Embeds
1

Actions

Shares
Downloads
307
Comments
2
Likes
5

Embeds 0

No embeds

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
    No notes for slide

Transcript

  • 1. Security In Wireless Sensor Network
    By 09bce053 AditPathak
    09bce057 Mihir Shah
  • 2. Presentation flow
    What is WSN?
    Threats to WSN
    WSN operational paradigms
    Key distribution techniques for WSN
    Various key distribution schemes
  • 3. INTRODUCTION
    What is a WSN?
    A wireless sensor network (WSN) consists of spatially distributed autonomous sensor nodes to monitor physical or environmental conditions, such as temprature,sound,vibration,pressure, motion or pollutants and to cooperatively pass their data through the network to a main location.
    What are they used for?
    Ocean and wildlife monitoring.
    Monitoring of manufactured machinery.
    Building safety.
    Earthquake monitoring.
    Variety of military applications.
    Medical monitoring and research
  • 4. Threats to a WSN
    Passive Information Gathering : The powerful receiver
    can passively pick off data.
    Subversion of a node: Capturing of sensor node & compromised sensor node
    False node: Robust device which impersonates a sensor node
    Node Malfunction: Generate inaccurate data,drop the data.Detecion of these nodes is an issue.
    Node outage: Node stops functioning
    DoS (Jamming,BlackHole,Resource Exhaustion)
  • 5. WSN OPERATIONAL PARADIGMS
    Simple Collection and Transmittal
    Forwarding
    Receive and Process Commands
    Self Organization
    Data Aggregation
  • 6. SIMple collection & transmittal
    Sensor takes periodic measurements & transmit the associated data directly to the collection point.
    Immediate or scheduled transmission
    Each node is only concerned with its transmission to base station , which is assumed to be within the range.
    No routing & co-operation among nodes
  • 7. Vulnerabilities
    Jamming
    Spoofing (Counterfeit data source broadcasts spurious information)
    Loss of confidentiality due to passive monitoring
    Physical attacks(capturing of a node & subversion)
  • 8. Solutions
    Data encryption(symmetric key)
    Predeployed keys are shared between & unique to the collection point & individual node.
    Each node uses its key to encrypt data before transmission & the collection point decrypts the data using the shared key corresponding to that node.
    Spread spectrum communications may be used to offset efforts to jam the frequency band.
    Use of temper assistant technologies which may transmit an alert and/or self destruct when tempering is detected.
  • 9. forwarding
    Allows sensor nodes far away from collection point to transmit data to neighboring nodes , which in turn forward the data toward the collection point.
    Forwarding process may span multiple sensor nodes on the path between the source & collection point.
    Solves the radio range problem presented in the Simple Collection and Transmittal paradigm.
  • 10. Vulnerabilities
    Single shared key won’t do
    Black Hole : Sensor node drops packets
    Data Corruption: Node modifies the data
    Resource Exhaustion: Attacker maliciously transmits an inordinate amount of data to be forwarded ,causing the intermediate node(s) to exhaust their power supply.
  • 11. Solutions
    System utilizes pre-built headers encrypted under intermediate node’s key. The entire frame is encrypted under senders key and inserted into another frame that is prepended with the pre-built headers and forwards.
    When intermediate node receives the frame,it strips-off the prepended header and forwards it. At the end it is decrypted by collection point.
    The algorithm is used to deal with other attacks.
    The algorithm tracks the absence of expected data from each sensor,quantifies the amount of corrupted data received at the controller from each sensor,and compares those values to acceptable statistical noms.
    If controller determines a sensor node to be aberrant,it is culled.
  • 12. Receive and process commands
    Previous paradigms described many-to-one communication for unsolicited data & may reduce lifetime of WSN due to unnecessary data transmission
    RPC is one-to-many communication model in which the controller transmits commands to sensor nodes
    Initially sensor nodes are in idle mode(low power)-controller broadcasts(or unicast) wakeup command- getdatacommand-instruct sensor nodes to idle
  • 13. Vulnerabilities
    Authentication of command from controller
    Integrity of the message received from its neighbors
  • 14. Solutions
    Use of shared secrets between the controller and the individual sensor node
    Distributing encrypted identities of sensor nodes within radio range of controller among the nodes that are beyond the radio range of controller by using pre-built headers as was in Forwarding.
  • 15. SELF ORGANIZATION
    • It requires that the WSN achieve organizational structure without human intervention.
    • 16. It consists of three tasks:
    • 17. Node discovery
    • 18. Route establishment
    • 19. Topology maintenance.
    • 20. Node discovery is made by HELLO-REPLY message.
    • 21. To ensure continuous connectivity, multiple routes between two nodes are discovered.
    • 22. Here as new nodes are added or older ones exhaust, the topology is re configuared.
  • Vulnerabilities
    • Previous attacks seen.
    • 23. Flooding
    • 24. Sinkhole attacks.
    SOLUTIONS
    • Routing information distributed throughout the WSN needs to be encrypted, by an anti-replay mechanism and authentication of source.
    • 25. Moreover as a sensor contains cryptographic material, it needs to be configured so that tampering will erase the keys and leave the sensor inoperable.
  • AGGREGATION
    • In previous protocols, the sensors transmit information to the collection point which performs large calculations due to thousands of data streams and causes it to be a bottleneck.
    • 26. For controlling data streams, we aggregate data within the WSN and transmitting aggregate to the controller.
    • 27. This results in a substantial energy savings in the WSN.
    • 28. The operations can include MAX, MIN, AVG, SUM etc. For example, measuring a temperature.
  • Vulnerabilities
    • Authentication of the downstream peers becomes a necessity.
    • 29. Here the nodes trust each other. Hence a malicious node can get itself elected as an aggregation point.
    • 30. The malicious node can throw the data leading to Black holes or corrupt the data and forward it.
    SOLUTIONS
    • Point to point security allows flexibility but is not scalable.
    • 31. The only prevailing solution is to have a common key over the whole WSN, which is discussed later.
  • KEY DISTRIBUTION TECHNIQUES FOR WSN
    • In sensor networks, key distribution is connected with initial communication establishment to bootstrap a secure communication infrastructure from a collection of deployed nodes.
    • 32. This combined problem of key distribution and secure communication is called the bootstrapping problem.
    • 33. This is a highly challenging problem due to the limitations of sensor network hardware and software.
  • BOOTSRAPPING SECURITY IN SENSOR NETWORKS
    • A bootstrapping scheme for network needs to satisfy the following requirements:
    • 34. Deployed nodes must be able to establish secure node to node communication.
    • 35. Additional legitimate nodes deployed at a later time can form secure connections with already deployed nodes.
    • 36. Unauthorized nodes should not be able to gain entry into the network, either through packet injection or masquerading as a legitimate node.
    • 37. The scheme must work through prior knowledge of which nodes will come into communication range of each other.
    • 38. The computational and storage requirement of the scheme must be robust to DoS attacks from out of network sources.
  • EVALUATION METRICES
    • There are some criteria as under that represent desirable characteristics in a bootstrapping scheme for sensor network :
    • 39. Resilience against node capture:Protection against the capture of node by an adversary.
    • 40. Resistance against node replication:Whether the node can insert hostile nodes into the network after obtaining some secret information.
    • 41. Revocation: Whether a misbehaving node can be dynamically removed from the system.
    • 42. Scalability: As the number of nodes in network grows, the security characteristics mentioned above may be weakened.
  • VARIOUS KEY DISTRIBUTION SCHEMES
    • USING A SINGLE NETWORK WIDE KEY.
    • 43. USING ASYMMETRIC CRYPTOGRAPHY.
    • 44. USING PAIRWISE KEYS.
  • SINGLE NETWORK WIDE KEY
    • Pre load a network with any neighboring nodes that also possess the shared network key.
    • 45. This can be achieved simply by the encrypting all communications in the shared network-wide key and appending message authentication codes(MACs) to ensure integrity.
  • PROPERTIES
    • Minimal memory storage required.
    • 46. No additional protocol steps are necessary.
    • 47. Resistant against DoS, packet injection.
    DRAWBACKS
    • If a single node is compromised entire network loses all its security properties.
    • 48. Nodes are tamper resistant.
    • 49. No new nodes are ever added to the system after deployment.
  • ASYMMETRIC CRYPTOGRAPHY
    • Also known as public key methods.
    • 50. Prior to deployment, a master public/private keypair is generated. Then for every node keypair is generated. Both keys stored in respective node along with master’s signature on nodes keypair.
    • 51. Nodes can communicate by key exchanges and verification through master’s signature on them.
    • 52. By this a symmetric link is generated.
  • PROPERTIES
    • Perfectly resilient against node capture.
    • 53. Possible to revoke known compromised keypairs.
    • 54. Fully scalable
    DRAWBACKS
    • Dependence of asymmetric key cryptographic hardware or software.
    • 55. Vulnerability to Denial-of-Service.
    • 56. No resistance against node replication.
  • PAIRWISE KEYS
    • In this approach, every node in the sensor network shares a unique symmetric key with every other node in the network.
    • 57. Hence in a network of n nodes, there are a total nC2 unique keys.
    • 58. Every node stores n-1 keys, one for each other node.
    • 59. After deployment, nodes must perform key discovery to verify the identity of the node they are communicating with.
  • PROPERTIES
    • Perfect resilience to node capture.
    • 60. Compromised keys can be revoked.
    • 61. Only uses symmetric cryptography.
    DRAWBACKS
    • Main drawback is poor scalability.
    • 62. Number of keys to be stored in each node is proportional to number of nodes.
    • 63. Eg. For 80 bit key and 100 nodes, each node requires 1kB memory.
  • THANK You