1 / 20

Security in Wireless Sensor Networks

Security in Wireless Sensor Networks. Perrig, Stankovic, Wagner. Jason Buckingham CSCI 7143: Secure Sensor Networks August 31, 2004. Introduction to sensor networks Security Issues Key establishment & setup Secrecy & Authentication Privacy Robustness to DOS Secure Routing

alayna
Download Presentation

Security in Wireless Sensor Networks

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Security in Wireless Sensor Networks Perrig, Stankovic, Wagner Jason Buckingham CSCI 7143: Secure Sensor Networks August 31, 2004

  2. Introduction to sensor networks • Security Issues • Key establishment & setup • Secrecy & Authentication • Privacy • Robustness to DOS • Secure Routing • Resilience to node capture • Secure Group Management • Intrusion Detection • Secure Data Aggregation • Secure Sensor Network Research

  3. Broad Range of Applications • Wildlife Monitoring • Machinery Performance • Building Safety • Military Applications • Health Monitoring • Countless other applications Most applications require some level of security!

  4. Traditional security cannot be applied directly • Sensor device limitations • Power, Processing, and Communication • Nodes are often physically accessible, allowing possible physical attacks • Sensor networks interact with their environments and with people

  5. Security Research Issues • These new problems present an opportunity to properly address network security • Security is NOT a standalone component – it must be integrated into every component

  6. Key Establishment & Setup • Why not use existing protocols? • Public key cryptography has too much system overhead for sensor networks • Key establishment techniques must scale well to hundreds or thousands of nodes • Sensor nodes have different communication needs

  7. Key Establishment - Potential Solutions • Establish a network wide shared key • Problem: if one node is compromised, the whole network is compromised • Instead use shared symmetric keys between each pair of nodes that are preconfigured • Problem: It doesn’t scale well! • For an n node network, each node must store n-1 keys, and n * (n – 1) / 2 total keys are needed. • Combine the above: use a network wide key to establish link keys, then erase the networkwide key. • Problem: New nodes cannot be added after initial deployment

  8. Key Establishment - Potential Solutions (cont.) • Bootstrapping Keys • each node shares a single key with the base station and the base station sets up keys between pairs. • Problem: requires a trusted base station that is the central point of failure • Random Key Predistribution – • choose a large pool of symmetric keys, and give each node a random subset of the pool • not all nodes share a common key, but the network will still be fully connected if the probability of two nodes sharing a key is sufficiently high • Problem: once compromising a sufficient number of nodes, attackers could reconstruct the entire pool and break the scheme

  9. Secrecy & Authentication – Cryptography • End-to-end cryptography • Provides high level of security, but requires that keys be set up among all end points • Incompatible with passive participation and local broadcast • Link-layer cryptography • Simplifies key setup • Supports passive participation and local broadcast • Problem? Intermediate nodes can eavesdrop and alter messages. Is this really a problem?

  10. Cryptography Issues • Performance Costs • Extra computation • Could be reduced by additional hardware but this increases node cost and will it really fix the problem? • Increases packet size • Recent research shows that most of the performance overhead is attributable to increased packet size, not additional computation • This limits how much dedicated cryptographic hardware will help

  11. Robustness to Denial of Service • Adversaries can simply broadcast a high-energy signal or violate the 802.11 MAC protocol to disrupt communication • Solutions? • Spread spectrum communication, but cryptographically secure spread spectrum radios are not commercially available • Automated defense, by simply routing around the jammed portion of the network

  12. Secure Routing • Current routing protocols suffer security vulnerabilities • DOS attacks, packet injection, replay attacks

  13. Resilience to Node Capture • Sensor networks are highly susceptible – the compromise of a single node usually compromises the entire network • This is more of a problem because sensor networks often lack physical security

  14. Solutions to Node Capture • Physical solution • tamper resistant packaging • Software: • Create algorithms that use majority voting schemes; send packets along multiple independent paths and check for consistency • Gather redundant data and analyze for consistency

  15. Secure Group Management • Groups of nodes perform data aggregation and analysis (tracking a moving object) • The group may change continuously and quickly • Protocols are needed for admitting new group members and supporting secure communication with the group • Solutions conserve time and energy

  16. Intrusion Detection • Classic intrusion detection is very expensive in terms of memory, energy, and bandwidth • To develop a solution, typical threat models must be analyzed • Secure groups may be a possible solution for decentralized intrusion detection

  17. Secure Data Aggregation • Tons of data can be collected from the various nodes in the network • How do we aggregate the data so as to reduce network traffic to the base station? • Aggregation locations must be secured

  18. Privacy • How do we prevent sensor networks from being used to violate privacy? • Devices are becoming smaller, cheaper, and more effective at surveillance • Solutions? • New laws, technological responses, and awareness

  19. Other Issues • What cryptographic algorithms are best suited for use in sensor networks? • Public key cryptography? Too expensive! • DES/Triple DES • AES • RC5 • We need something that fits the processing and memory requirements of our nodes

  20. Secure Sensor Network Research • How can we build security into sensor networks from the outset? • Advantages of sensor networks • Many applications will be deployed under a single administrative domain • It may be possible to exploit redundancy, scale, and physical characteristics

More Related