This document discusses security challenges in wireless sensor networks. It outlines key challenges like limited energy and communication capabilities as sensors are often deployed in accessible areas. It discusses approaches for secure key establishment, privacy concerns around surveillance, threats like denial of service attacks, and the need for secure routing, intrusion detection, and data aggregation given the resource constraints of sensor networks. Research is still needed to address security challenges posed by the unique aspects of sensor network environments and applications.

1. Security
in
Wireless Sensor Networks
Shruti Pathak
CS 685
Fall 2009

2. Introduction (Wireless sensor Networks)
 Current applications include ocean and
wildlife monitoring, manufacturing machinery
performance monitoring, building safety and
earthquake monitoring, military applications
etc.
 Future applications might involve highway
traffic, building security, water quality and
people’s heart rates.

3. Challenges posed by WSN
 To make the sensor networks economically
viable they have limited energy consumption
and communication capabilities.
 Often deployed in accessible areas; implies
added risk to physical attacks.
 Interaction with their physical environments
and people result in new security problems.

4. A Secure System
 Usually a standalone component of the
system where a separate module provides
security.
 This is a flawed approach.
 Ideally, security should be a part of every
component. (the components designed
without security can become a point of
attack)

5. Key Establishment and Trust Setup
 Cryptographic keys need to be established during
the setting up of a sensor network for later use.
 Various traditional protocols cannot be used in case
of sensor devices due to limited computational
capabilities.
 The key establishment techniques need to scale to
networks with hundreds and thousands of nodes.
 Sensor nodes differ in communication patterns with
the traditional networks; sensor nodes may need to
set up keys with their neighbors and with data
aggregation nodes.

6. Simplest solution for key establishment
 Network-wide shared key.
Disadvantage: Compromise of any single node result
in decryption of complete network traffic.
 Variant to the above approach use a single shared
key to establish a set of link keys, one per pair of
communicating nodes, then erase the network-wide
key after setting up the session keys.
Disadvantage: This process does not allow addition
of new nodes after initial deployment.

7. Public Key Cryptography
(Diffie-Hellman key Establishment)
 D-H Key Establishment: Allows two parties
that have no prior knowledge of each other to
jointly establish a shared secret key over an
insecure communications channel.
 Advantage: A node can set up a secure key
with any other node in the network.
 But is beyond the scope of the capabilities of
the sensor networks.

8. Bootstrapping
 Bootstrapping keys with a trusted base
station is an option.
 Each node shares a single key with the base
station and set up keys with the other nodes
through the base stations.
 Disadvantage: Single point of failure.
 Advantage: If the network incorporates
tamper-resistant packaging for the base
station, it would help in the mitigation of
threats of physical attacks.

9. Random Key Distribution Protocols
 Large pool of symmetric key is chosen and a random
subset of pool is distributed to each sensor node.
 Two nodes that want to communicate search their pools
to determine whether they share a common key.
 Not every pair of nodes share a common key.
 A fully connected network can be established if the key
establishment probability is sufficiently great.
 Advantage: Avoids having to include a central base
station.
 Disadvantage: Attackers who are able to compromise
sufficiently large number of nodes could reconstruct the
complete key pool and break the entire scheme.

10. Security and Authentication
 Need for protection against eavesdropping, injection
and modification of packets.
 Cryptography is the standard defense mechanism
but has its own tradeoffs.
 It entails performance cost for extra computation
that increases packet size.
 Hardware support of it increases efficiency but also
increase financial cost of implementing a network.
 Software-only cryptography is practical with today’s
sensor technology. Hardware support is not needed.

11. Privacy Concerns
 Secret surveillance:
- Employers can spy on their employees
- Shop owners on customers
- Neighbors on each other
- Law enforcement agencies on public places
 Surveillance technology has become cheaper
and more effective and hence affordable.
 Devices have become smaller hence easy to
conceal.

12. Threats
 New type of threats introduced by the sensor
networks.
 Enables routine tracking of people and vehicles over
long period of time.
 In order to be able to solve the problems related to
privacy; not only the technology but a mix of societal
norms, new laws and technological responses are
necessary.
 The existence of sensor technology and surveillance
should be made known to people for a better
acceptance of the technology.

13. Robustness to communication
denial of service
 Denial of services attacks are one of the greatest
concerns.
 An adversary can severely disrupt the network’s
operation by broadcasting a high energy signal,
entire system could be jammed.
 Solution: When jamming effects only the portion of
the network, a jamming-resistant network could
defeat the attack by detection of the jammed area
and mapping the affected region and the routing
around the jammed area.

14. Secure Routing
 Routing and data forwarding is an essential service
for enabling communication in sensor networks.
 Simplest attack: Injection of malicious routing
information into the network can result in routing
inconsistencies.
Solution: Simple authentication might guard against
these attacks; still susceptible to replay attacks by
attackers with legitimate routing messages.
 Node-capture attacks: In almost all the routing
protocols, compromise of single nodes suffices to
take over the entire network or prevent
communication within it.

15. Resilience to node capture
 Generally, sensor nodes are present in locations that are readily
accessible to attackers.
 It becomes easy for an attacker to capture these nodes, extract
cryptographic secrets, modify their programming or replace them
with malicious nodes.
 Defense: Tamper-resistant packaging but is expensive hence not
preferable instead algorithmic solutions are preferred over it.
 Challenge is to build a network that would operate correctly even
if several nodes are compromised without our knowledge.
 Sending every packet across multiple, independent paths and
checking at the destination for consistency among the packets
that are received, resilience against node-capture can be
achieved.

16. Network Security Services:
Secure Group Management
 High level security mechanisms.
 Each node in the sensor network is limited in computing and
communication capabilities.
 However, data aggregation and analysis can be performed by
group of nodes.
 Example: A group of nodes might be responsible for tracking the
vehicle through the network.
 Secure protocols are required for group management that would
ensure secure admission of new group members and secure
communication among that group.
 The outcome of the group’s computation is normally transmitted
to the base station which should be authenticated to ensure that
it comes from a valid group.
 Any solution must be efficient in time and energy.

17. Network Security Services:
Intrusion Detection
 Wireless sensor networks are susceptible to many
forms of intrusion.
 In wired networks, traffic and computation are
typically monitored and analyzed for anomalies at
various concentration points, which is often
expensive.
 For a lesser expensive solution, applications and
typical threat models must be understood,
particularly how cooperating adversaries might
attack the system.
 Use of secure groups may be a promising approach
for decentralized intrusion detection.

18. Network Security Services:
Secure data aggregation
 One benefit of wireless sensor networks is
the fine-grain sensing that large and dense
set of nodes can provide.
 To avoid overwhelming traffic back to the
base station; data should be aggregated.
 Aggregation may take place at many places
in the network, depending upon the
architecture of the wireless sensor networks.
 All such locations should be secured.

19. Research Challenges
 Severe constraints and demanding
deployment environments of wireless sensor
networks make computer security for these
systems challenging.
 How to secure wireless communication links?
 Understanding the environment-related
constraints.