Security Protocols In Wireless Sensor Networks Computer Science Essay

Published Date: 02 Nov 2017

Abstract

The existence of wireless sensor network is highly vulnerable to attacks for being composed of hundreds and thousands of tiny sensor nodes with low battery power, low memory and low energy. The projection of sensor application has raised the level of security to the acceptance and use of sensor networks without any interrupts throughout the wide area of occurrence. Sensor networks are interacting with very sensitive data and deployed in hostile unattended environments, where the security issues should be concentrated to attain their potential. This paper lights a torch on security of WSN and different attacks in wireless sensor networks. Then we mainly focuses on the objective that flooding attack causes Denial of Service (DoS) attacks by introducing an adversary which is not a legal node in the network can create congestion and break the security of wireless sensor networks. Also we have concentrated on analysis of security protocols where the security aspects to be taken care of.

Introduction

Wireless sensor networks have came forth as a significant application of the ad-hoc networks such as for medical monitoring, inventory control and battle field management. Since these sensor networks have restrictions over system resources like battery power, low energy consumption demands a lot of attention to keep off network’s life span step down benefitting from security issues in wireless sensor networks.

Here, it is mandatory to provide a good path with more security in wireless sensor networks. Since it has committed on various kinds of attacks, we took a keen on flooding attack which can be done by constructing a path. An adversary frame a route to the victim node so as to establish data flooding attacks and then sends on enormous useless data packets to the victim node along the route.

This may reduce the performance of the network throughout the entire range of communication and existence. To bring the healthy environment in wireless sensor networks, the security issues have been analysed throughout the different layers and reports have been presented.

In this article, we heel the dissimilar attacks at distinct layers of wireless sensor networks and centralize the flooding attacks with merits and faults that having dependency on networks by making erudition over security.

In section II, we drew and focused on security goals on wireless sensor networks. The section III illustrates the different perspective of attacks on routing protocol and mainly gets into the flooding attack in wireless sensor networks. Section IV conglomerates the depth psychology on security under wireless sensor networks with tables and descriptions whereas Section V resolves this paper.

Security goals in WSN

When handling the security in WSN, we guarantee the security goals if every legal node receives all the messages aimed to it. In front of resourceful oppose, security goals assure the Confidentiality, Integrity, Authenticity, Availability and Freshness of data.

2a. Confidentiality:

Confidentiality means concealed maintenance of data from unauthorized parts. When communication taken place in the network, no one can understood except destined recipient. Data Confidentiality [1][4] [5] [14] [15] [16] can be attained in sensor network through the following goals:

Data should not escape out the network.

Connection should ensure the usage of keys.

Security keys should be converted against the different layered attacks.

Usage of cryptographic technique will allow maintaining the secrecy for the sensitive data used among the network.

2b. Integrity:

The adversary must not do any alteration in the data while it is aimed to the intended receiver in the network. Being the medium is wireless, the malicious attackers can possibly modify or delete the data during transmission. In addition to the attackers, there is an existence of natural brokers such as noise, weakening etc., can alter the data. The integrity [1] [4] [5] [14] [16] can be achieved by hash functions, message digest and MAC.

2c.Authenticity:

Authentication [1] [4] [5] [14] [16] is essential for maintaining and co-ordinating the sensor nodes with the network to establish the connection within the networks. It is potential to implement a central authority such as router, access point, etc., in wired networks but it is not possible in wireless sensor networks. During the establishment of connection between two nodes, the symmetrical mechanism can be applied on the network whereas the sender and receiver calculate the MAC of the message using a shared key, to find the identical matches of the message and identifier that it has been sent from a valid sender and can easily identify the unauthorized sender and unauthorized message.

2d. Non-repudiation:

The aim of non-repudiation [1] [16] is related to a fact that if a node sends a message, the node cannot deny that the message was sent by it. The entity cannot later deny the message, because of produced signature for the message. In public key cryptography, a node A signs the message using its private key whereas other nodes decode and verify the message by using A’s public key, so A cannot deny that its signature is attached to the message.

2e. Availability:

The intention of availability [5] [14] [16] is to hold on network resources accessible and ready for use always to the legitimate users guaranteeing the survivability of the network even though in spite of an internal or external attacks.

2f. Freshness :

Data freshness [1] [5] [14] can ensure that the received data is new and no adversary can repeat the previous ones. Since wireless sensor networks leave some forms of time varying measurements, we must assure each message is fresh. To accomplish the freshness the method like nonce or time stamp should add to each data packet.

There are two types of freshness as follows:

Weak freshness: it provides a trivial order for messages, but does not transfer the data delay.

Strong freshness: it offers a general order for both demand and response of the messages and allows us to calculate the delays of messages before they arrive.

Different Attacks in WSN

Why is security necessary in WSN? The reasons are many. WSN applications are more vulnerable to WSN security attacks due to the broadcast nature of the unattended and extreme environments. Nodes are not physically safe because they are often placed in a hostile or dangerous environment which increases the vulnerability to the WSN.

Attacks on WSN is can be classified into active attacks and passive attacks. Fig 1 shows the classification of attacks under general categories.

Passive Attacks:

A passive attack defines in [16] [12] which holds the data switched over in the network without interrupting the operation of the communication.

Monitor and Eavesdropping:

Monitor & eavesdropping is the most common attack to privacy. It enables the adversary who could easily bring out the communication message by spying to the data. The Eavesdropping can act efficaciously against the privacy protection. [12]

Traffic Analysis:

After the transferred messages are encoded, they still leaves a high possibility analysis of the communication patterns which can be used further by adversary to cause malicious harm to the sensor network. [12]

Camouflage Adversaries:

One can disgusted and enter the network area by inserting their node or comparisons the other nodes to hide in the sensor network. Then these nodes can change him as a legal node and starts to get attracted towards the packets will leads to misrouting of packets in the network.[12]

Fig 1: General classification of Security Attack

Active Attacks :

The active attacks in [16] [12] states that the unauthorized attackers involves information suspension, alteration or fabrication the data stream in the communication channel. The types of active attacks are as follows:

Routing Attacks in sensor networks

Denial of service attacks

Node subversion

Node malfunction

False node

Node replication attacks

Routing Attacks in sensor networks

The attacks which relies on the network layer are called routing attacks. The following are the attacks that happen while routing the messages.

Spoofed, altered & replayed routing information:

The most outstanding attack on routing is to alter, spoof, or just replay routing information is known as false routing information [2] [4] [5] [10] [12] [14] [15] [16]. Malicious nodes simply,

Drop data packets quietly

Modify data content

Generate false error messages

Traffic redirections

Selective forwarding:

A venomous node which behaves like black hole can compromise the other nodes by creating an illusion that it is still active by forwarding only selective packets and that data can be routed via it. Introducing redundancy to the network in the form of multi-path routing will reduce the effort of selective forwarding attack in the WSN. [1] [2] [4] [5] [8] [10] [12] [14] [15]

Sinkhole attack:

In the sinkhole attack, the adversary’s aim is to decoy nearly all the traffic from a particular area through a compromised node, creating a false sinkhole with the adversary at the centre. If the enemy node does not introduce itself as the sink, the node closer to the sink will make more interruptions in the network because the traffic absorbed by enemy node will be more. [1] [2] [4] [5] [8] [10] [12] [15] [16].

Sybil attack:

A single node replicates itself and involves their existence in the multiple locations. In other words it is defined as a "malicious device illegitimately taking on multiple identifiers". The existence of this attack is at physical layer, data link layer and network layer.

The solution for Sybil attack is to verify the identities of participating nodes by having each node share a unique key with the base station. Two neighbouring nodes then communicate with each other using a shared key to encrypt and verify the link between them.[1] [2] [4] [5] [8] [10] [12] [14] [15].

Wormhole attack

In the wormhole attack, an adversary burrows messages received in one part of the network over a low latency link and plays back them in a different part. Wormhole attack is very difficult to detect because it uses out-of-bound channel to route packets. An adversary records packets or bits at one location in the network, tunnels them to another location and retransmits them into the network. [1] [2] [4] [5] [8] [10] [14] [15] [16].

Hello Flood attack:

It is a novel attack against sensor networks. The unidirectional connections between nodes are highly utilized by this attack. Nodes broadcast hello packets with the help of routing protocols to announce themselves to their neighbours and a node receiving such a packet may assure that it is within (normal) radio range of the sender. Hello flood attack will taken part in the network layer. [1] [4] [8] [10] [14] [15] [16] .

This attack will increases the delay since the messages are need to be routed mulit-hop to their parent nodes. The avoidance of this attack can easily be avoided by verifying the bi-directionality of a link through identity verification protocol before taking action based on the information reveived over the link.

Legal nodes

An Attacker

Fig 2: Illustration of Hello Flood attack

Denial of service attacks:

It is an event that belittles or eradicates a network’s capacity to perform its expected function. Its act as a path for the adversary to subvert, disrupt or destroy a network. Black hole, resource exhalant, sinkhole, wormhole, flooding, routing loops are the different types of DoS. [3] [8] [10] [12] [14].

Node subversion:

An intruder may expose all the encryption information, secret keys and algorithm by captivating a true node in the network. The adversary use the true node itself as an attacker to launch an inside attack. [3] [8] [12].

Node malfunction:

A malfunctioning node will generate the incorrect data which could expose the integrity of sensor networks by including dropping data packets at a high rate, denying packet forwarding requests. This will affect the performance of the network. [3] [12].

False node:

A false node involves the add-on of a node by an adversary and causes the injection of malicious data which leads to a communication bottleneck, false location claims and bring the network performance to the lower level. [3] [8] [12].

Node replication attack:

Node replication attack is defined as an attacker may add-on the malicious node into the network by imitating the identity of a true existing sensor node. That node will starts to create a problem to a WSN in various ways including message corruption, injection of fake data, deviating the packets direction to other nodes and so on.[3] [12]

Analysis

The perspective view and analysis of flood attack by different authors in different papers have been listed in the Table 1 with the brief descriptions as follows.

4 (a) Table 1: Analysis of Methods

S.No

Author name

Method name

1.

Revathi et al.:[13]

Extended DSR is implemented in ad hoc network.

2.

Virendra Pal singh, Sweta jain, Jyoti singhai [9]

Detection of hello flood attack on signal strength and client puzzle method.

3.

Mohamed M.Ibrahim, Nayera Sadek, Mohamed EI-Banna [11]

REHIDAN algorithm to identify flooding attacker nodes.

4.

H.Kim et al.:[7]

PDM novel Period based Defense Mechanism.

5.

Vuanyuan Zhang, Wassim Znaidi [6]

Multi path ACK scheme

4 (b) Descriptions

The brief descriptions for the methods listed on above table are as follows:

Method 1:

Dynamic Source Routing uses source routing instead of relying on the routing table at each intermediate device. In[13], the author have considered the neighbouring nodes as strangers, acquaintances and friends with different threshold values by implementing the algorithm in both RREQ flooding attack and DATA flooding attack using the extended DSR protocol.

The following fig 3, shows the performance analysis(evaluation) of throughput by varying the parameters such as number of malicious nodes, number of connections and mobility of nodes excluding the measurement of time, using extended DSR rather than regular DSR.

Fig 3: Malicious nodes Vs Throughput

Method 2:

To detect the hello flood attack, the authors have stated a solution in [13] based on signal strength and client puzzles method. By considering some primary assumption such as all sensor nodes are homogeneous, communicating within a fixed radio range which knows the fixed signal strength along with a time threshold, the two ray propagation is used to calculate the signal strength.

If the node receives hello message, have the signal strength equal to that of fixed strength, then it comes under stranger or a friend. Short client puzzles that need less computational and battery power is highly suitable to check the validity of suspicious nodes. The difficulty of puzzles can be made using Dynamic policy technique allotted to the strangers based on the number of hello messages sent.

Method 3:

The Ad hoc on- demand Distance Vector Routing protocol have the ability to forward the data packets in dynamic network topology, but it could not address all the possible attacks. To overcome the above problem, the Real-time Host Intrusion Detection for Ad hoc Networks (REHIDAN) algorithm is used in [11] to minimize the effectiveness of the attacks. Intrusion detection approach having the functions like Monitoring, analysing, assessing, recognizing, and tracking are examined by author. The REHIDAN algorithm in [11] uses the idea of neighbour suppression algorithm isolating through which, the attacker is isolated from the neighbour nodes. It is implemented, with OPNET.

Method 4:

The main concept of Period based Defense Mechanism (PDM) in [15] is data flooding attack , where the adversary itself first set up the path to all the nodes and starts to send useless packets along the path. The path cut off mechanism is used as a defense against data flooding attack. FAP is not able to distinguish burst traffic from attack traffic.

Method 5:

The main aim of network coding in [16] is to find optimal information dissemination in the network where two information flows are identified. It is intrinsically resistant to selective forwarding adversaries that drop packet in the data flow, due to its multipath nature. Multi-hop multi-stream unicast routing protocol, gradient based routing protocol are used for implementation.

Conclusion

Security in WSN is vital to maintain the good performance of the entire wireless network. In particular, we have concentrated on the Hello flood attack which relies on the network layer to briefly illustrate the methods and protocols that have been implemented in different papers from the different perspective view of different authors which will take the performance of the network to the next higher level. Our future is based on the mobility of the nodes along with the time measure to exclude the adversary from the network through the identification of the malicious nodes via signal strength comparison. For each node in terms of number of hello messages sent, the client puzzle method is used, and the difficulty of puzzle can be adjusted by applying the Dynamic policy technique which increases the throughput of the network by considering different routing protocol at different aspects to achieve the suspected output from the performance of the network.