Security in Infrastructure Wireless Sensor Networks
Emil Lupu
Imperial College London
  
Security in WSN is difficult because…
•  Nodes are physically accessible
•  Scale is unprecedented
•  Resources are limited
•  Operation is unattended
  
There is a large disconnect between research and application
•  A large body of work on security in sensor networks.
–  … a cursory search on Google Scholar gives 34,400 hits since 2009
•  Yet security remains largely ignored in reported deployments
  
Research is often based on assumptions such as …
•  Random choice of attack targets
•  Nodes are placed…: in a grid, uniformly and densely, in a tree with a single sink, in pre-decided groups.
•  Sensors can do…: RSA crypto, puzzles, Java, homomorphic crypto, game theory…. as well as their tasks.
•  All nodes are cooperative and trustworthy, faults always occur randomly.
  
Three Guiding Principles
•  Link studies to context of use
•  Leverage relationship with physical phenomena.
•  Security as part of resilient design
  
Link studies to context of use
•  Threat Model
•  Physical Security
•  Sensed information
•  Topology
•  Node capabilities
•  Security objectives
  
Leverage relationship to physical phenomena
•  Key generation and distribution.
•  Distance bounding.
•  Observability of association.
•  Attestation.
•  Verification of correct behaviour
  
Security as part of resilient design
•  Is it a fault or a compromise?
•  Redundancy drives anomaly detection, trust, recovery
•  Adaptation vs security
•  Resource limitations
  
Research Themes
•  Designing solutions in concrete settings.
•  Establishing confidence in the correct and secure operation of devices.
•  Measuring the “health” of the network from within itself.
•  Data quality and trustworthiness assurance.
  
Designing solutions in concrete settings
•  Key management for the context of use
•  Evaluate and improve existing algorithms e.g., applicability, scalability
•  Mitigation and recovery through reconfiguration
  
Establishing confidence in the correct and secure operation of devices
•  Measuring device integrity.
•  Attestation techniques
–  Software, hardware, physical
•  Behavioural fingerprinting and validation.
•  Reputation.
  
Measuring the health of the network from within itself
•  For a sensor, a network, a city.
•  Assurances and Mechanisms
•  Capability of restart/recovery/response/degraded operation
•  Coordination/Topology/Redundancy
•  Effect of adaptation on security and resilience
  
•  Learning to distinguish between normal behaviour, failures and security.
•  Recognising security events in constantly evolving networks.
•  Attack characterisation
•  Compromise epidemiology
  
Data Quality and Trustworthiness Assurance
•  Data protection and provenance
•  In-network Data Aggregation
•  How to accept data degradation to maintain overall system goals.
•  Understand and mitigate against data deterioration effects e.g. node compromise failures, fouling
•  Data usage control
  
Polygonia Interrogationis
  
