Ebook: Wireless Sensor Network Security

We investigate how wireless sensor networks can be attacked in practice. From this we develop a generic adversary model that allows to classify adversaries according to two dimensions of power: presence and intervention. Thus, we provide a framework for realistic security analysis in wireless sensor networks.

This chapter highlights the importance of symmetric cryptographic primitives for providing security in wireless sensor networks. We outline the basic goals and primitives and give a comprehensive overview in regard to modes of operation. We also provide an extensive survey of the implementation options of the Advanced Encryption Standard (AES): In software on processors of different word size, in hardware with different optimization goals, as well as in a hardware/software co-design approach with cryptographic instruction set extensions. An overview of state-of-the-art cryptographic support in today's WSN products concludes this chapter.

Wireless sensor networks consist of tiny senor nodes with limited computing and communicating capabilities and, more importantly, with limited energy resources. In this chapter we evaluate the power consumption of Public-key algorithms and investigate whether these algorithms can be used within the power constrained sensor nodes. We evaluate conventional digital signature schemes and encryption schemes, one-time signature schemes and Public-key authentication schemes.

This chapter presents a comparative survey of recent key management (key distribution, discovery, establishment and update) solutions for wireless sensor networks. We consider both distributed and hierarchical sensor network architectures where unicast, multicast and broadcast types of communication take place. Probabilistic, deterministic and hybrid key management solutions are presented, and we determine a set of metrics to quantify their security properties and resource usage such as processing, storage and communication overheads. We provide a taxonomy of solutions, and identify trade-offs in these schemes to conclude that there is no one-size-fits-all solution.

In this chapter we elaborate on the need for security frameworks at the link-layer and describe what services they provide to the upper layers. We review the proposed frameworks in the bibliography and discuss about their pros and cons. Then we present in more detail the design and implementation of one of them, the L³Sec framework, in order to show what issues arise in such a process and how they can be solved. Some of these features include providing acceptable resistance against node capture attacks and replay attacks, as well as the run-time composition of security services in a completely transparent way. The framework is able to satisfy its requirements based on an an ef.cient scalable post-distribution key management scheme, which we also present.

In this chapter, we study how sensor network routing protocols can be secured. First, we describe the adversary model, the objectives of attacks against routing, as well as the different attack methods that may be used in wireless sensor networks. All these are illustrated by example attacks on well-known sensor network routing protocols. Then, we describe various countermeasures that can be used in sensor networks to secure the routing protocols. These include link layer security measures, secure neighbor discovery techniques, authenticated broadcast algorithms, and multi-path routing techniques. Finally, we illustrate the application of some of these countermeasures by presenting and explaining the operation of some secured sensor network routing protocols.

In many sensor applications, the data collected from individual nodes is aggregated at a base station or host computer. To reduce energy consumption, many systems also perform in-network aggregation of sensor data at intermediate nodes enroute to the base station. Most existing aggregation algorithms and systems do not include any provisions for security, and consequently these systems are vulnerable to a wide variety of attacks. In particular, compromised nodes can be used to inject false data that leads to incorrect aggregates being computed at the base station. We discuss the security vulnerabilities of data aggregation systems, and present a survey of robust and secure aggregation protocols that are resilient to false data injection attacks.

While sensor networks provide the opportunity for sophisticated, context-aware services, privacy concerns can seriously affect user acceptance and become a barrier to their long-term successful deployment. This chapter discusses privacy issues in sensor networks, by identifying the requirements for privacy preserving deployments, analysing the challenges faced when designing them, and discussing the main solutions that have been proposed. Privacy can be addressed in different levels of the network stack and at different points of the information flow. The privacy requirements and the mechanisms that address them are categorised into privacy sensitive information gathering schemes, controlled information disclosure approaches, and mechanisms for the protection of the communications context. The separate discussion of the approaches highlights the diverse privacy aspects that they are focused on, and shows how the approaches can be viewed as complementary to fulfill the complete spectrum of sensor networks' privacy needs.

Many Wireless Sensor Networks are composed of nodes that are virtually identical, i.e. they are clones of one another. The classic “identity” definition cannot properly capture this notion. Even if each node contains an artificial serial number, there is no unique property…no DNA to distinguish devices. Still, all sensor networks must capture some identity notions; code integrity being one such notion. This chapter investigates sensor network node identity relative to the functional properties reflected in executing code found on small computing sensors. We show how wireless sensor networks can establish an important identity property of ensuring code integrity through the process of remote attestation.

Security has been proven a crucial factor in the provision of data services and especially in the computer-related environments. While wired and wireless networks come to all sectors of everyday life, security tries to satisfy the growing needs for confidentiality, integrity and non-repudiation. There are many instances of security primitives and each one of them has different requirements in terms of processing power, memory, energy consumption, etc. Therefore, it is important to review the functionality of the less resource-demanding encryption algorithms in order to analyze their theoretical suitability to the existent sensor node hardware. Still, the constraints inherent to the sensor nodes advise against the total dependence on software-based implementations, even more in the case of expensive primitives.