WSNs are vulnerable to different types of attack. The damage caused by these attacks varies from one scheme to another according to the adversarial model.
One of the potential vulnerabilities in WSNs results from compromising its sensor nodes, given the lack of tamper-resistant packaging [54, 135]. An adversary could gain control of one or more sensor nodes and readily access sensitive information. It is usually assumed that node capture is easy in WSNs due to a lack of physical restrictions that help control access to the deployment area in outdoor environments [8]. This attack is referred to as the supervision attack and sometimes the physical attack. Considering the data aggregation scenario, once a node has been taken over, all the secret information stored on it can be extracted and the adversary can then participate in aggregation activities. Even worse, the adversary may also inject their own commodity nodes into the network by fooling nodes into believing that these commodity nodes are legitimate members of the network, especially if there is no proper authentication scheme in place. A simulation study showed that network operation and maintenance can be easily jeopardized and network performance will severely degrade once a single node starts misbehaving [80].
The purpose of this section is to highlight different capabilities that an adversary may have against a secure data aggregation scheme. Before we classify expected adversaries, possible security attacks related to WSNs are discussed in the following section.
2.2.1 Security Attacks
This subsection studies how attacks on WSNs (WSN attacks) can affect any proposal to secure data aggregation in WSNs. WSN attacks are discussed as follows:
Sybil Attack (SY)
The Sybil attack is a type of attack where the adversary is able to present more than one identity (node) within the network to deceive other nodes [39]. A node that wishes to conduct the SY attack can affect an aggregation scheme in different ways: it can (i) create multiple identities to generate additional votes in the aggregator election phase to make a malicious node an aggregator instead of legitimate nodes, (ii) generate multiple entries to an aggregation function with different incorrect readings, or (iii) create multiple identities to affect reputation values of legitimate nodes in reputation-based applications by falsely degrading legitimate node reputation values.
Let us consider the example given in Figure 2.1 where an adversary creates fake IDs in order to affect the overall performance of the network. Figure 2.1-A shows a sketch of the normal scenario without any adversary. The real path starts from node A (D) and ends at node D (A). Nodes B and C are adjacent neighbors. A simple form of the SY attack occurs when an adversary has the ability to compromise some sensor nodes. Suppose that an adversary succeeded in compromising node B and then manipulating the route discovery messages within the routing activities. Thus, the adversary can add another node to the network, which is node B′ in Figure 2.1-B. Now, the adversary can communicate with node A using node B and communicate with node C using node B′. It can perform malicious activities in the network and trickily blame node B′ (or node B) for those activities and leave the reputation value of node B (or node B′) untouched.
Figure 2.1: Sybil Attack (panels: A. Normal Scenario; B. Modified Scenario; legend: Adversary, Compromised Sensor, Genuine Sensor)
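The aggregator election case (i) above is the one a defender can check most directly: an aggregator that counts every claimed identity is outvoted by one compromised node presenting several names. The following is an added example, not code from the thesis or from any scheme it surveys; it assumes a pre-loaded per-identity key table (NODE_KEYS, constructed values) and HMAC-tagged votes, so that a vote counts only if its tag verifies under the key registered for the claimed identity and each identity votes at most once. An adversary holding only B's key can then still cast B's vote, but B′, B″ and B‴ are rejected as unknown identities.

```python
import hashlib
import hmac
from collections import Counter

# Constructed key table: one secret key per legitimate identity, pre-loaded by
# the base station before deployment (hypothetical values for illustration).
NODE_KEYS = {
    "A": b"constructed-key-A",
    "B": b"constructed-key-B",
    "C": b"constructed-key-C",
    "D": b"constructed-key-D",
}


def vote_tag(voter_id, candidate, key):
    """MAC binding a vote to the voter identity and the chosen candidate."""
    return hmac.new(key, f"{voter_id}|{candidate}".encode(), hashlib.sha256).hexdigest()


def sign_vote(voter_id, candidate, key):
    """Produce an authenticated vote tuple (voter, candidate, tag)."""
    return (voter_id, candidate, vote_tag(voter_id, candidate, key))


def count_unauthenticated(votes):
    """Naive tally: every claimed identity is trusted and counted once per message."""
    return Counter(candidate for _, candidate, _ in votes)


def count_authenticated(votes, key_table):
    """Tally only votes whose tag verifies under the key registered for the claimed
    identity, and accept at most one vote per identity. Returns (tally, rejected)."""
    seen = set()
    tally = Counter()
    rejected = []
    for voter_id, candidate, tag in votes:
        key = key_table.get(voter_id)
        if key is None:
            rejected.append((voter_id, "unknown identity"))
            continue
        if not hmac.compare_digest(vote_tag(voter_id, candidate, key), tag):
            rejected.append((voter_id, "bad tag"))
            continue
        if voter_id in seen:
            rejected.append((voter_id, "duplicate vote"))
            continue
        seen.add(voter_id)
        tally[candidate] += 1
    return tally, rejected


def election_scenario():
    """Aggregator election in which compromised B tries to win with Sybil identities."""
    votes = [
        sign_vote("A", "C", NODE_KEYS["A"]),  # honest nodes back C
        sign_vote("C", "C", NODE_KEYS["C"]),
        sign_vote("D", "C", NODE_KEYS["D"]),
        sign_vote("B", "B", NODE_KEYS["B"]),  # compromised B votes for itself
    ]
    # The adversary holds only B's key, so its extra identities B', B'', B''' and
    # a second B vote are all tagged with that key (constructed Sybil votes).
    for fake_id in ("B'", "B''", "B'''"):
        votes.append(sign_vote(fake_id, "B", NODE_KEYS["B"]))
    votes.append(sign_vote("B", "B", NODE_KEYS["B"]))
    naive = count_unauthenticated(votes)
    checked, rejected = count_authenticated(votes, NODE_KEYS)
    return naive, checked, rejected


if __name__ == "__main__":
    naive, checked, rejected = election_scenario()
    print("naive tally:", dict(naive))             # B wins 5 to 3
    print("authenticated tally:", dict(checked))   # C wins 3 to 1
    print("rejected:", rejected)
```

The check binds identities to keys, which is why it stops the identities B′, B″, B‴; it does nothing about the single compromised identity B itself, whose key the adversary legitimately holds, and it only works if the key table was provisioned before the adversary could register its own entries.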
Selective Forwarding Attack (SF)
It is sometimes assumed that each node will accurately forward received messages. However, a compromised node may refuse to do so. It is up to the adversary that is controlling the compromised node whether to forward received messages or not [67]. To put it in another way, the process of stopping the propagation of certain messages at the compromised node is under the control of the adversary. Once the adversary has succeeded in launching a SF attack, it can affect the propagation of the reputation information, such as direct observations across the network. Note that SF attacks are most effective when the attacking nodes are included in the path of the data flow.
Figure 2.2 depicts a simplified scenario of a SF attack. The scenario follows the single aggregator model [6], where node A acts as an aggregator. In Figure 2.2-A, an adversary succeeded in compromising node B but behaved well and forwarded the request message sent by node A. Later on, node B, which is still under the adversary's control, drops the response from D as in Figure 2.2-B. Since the aggregator has not received any reply for its recent request, node A updates its reputation table and reduces the reputation value of node D as in Figure 2.2-B. Note that the reputation table does not usually contain any reputation information for the node that maintains the table. For example, the reputation table which is maintained by node A in Figure 2.2 does not have reputation information for the node itself (node A).
Figure 2.2: Selective Forwarding Attack (panels: A. Request Path; B. Reply Path; legend: Adversary, Compromised Sensor, Genuine Sensor)
Replay Attack (RE)
Some WSN applications are vulnerable to replay attacks where an adversary is able to eavesdrop on the traffic and replay old messages. Replay attacks are the easiest to launch, because the adversary does not need to physically capture a sensor node and get access to its internal memory, or analyze intercepted encrypted data. In the reputation-based applications context, an adversary can record some reputation information, which has been exchanged wirelessly between sensor nodes, without even understanding its content and then replay it (with no changes) to mislead other nodes and make their reputation tables outdated.
Figure 2.3 describes a simplified scenario of a RE attack in which the adversary has captured the reputation update message at a certain time $t_1$ (see Figure 2.3-A), and then re-injected it at time $t_2$ where $t_2 > t_1$ (see Figure 2.3-B). With no proper verification, nodes B, C, and D will accept this re-injection and end up being outdated and thus potentially with incorrect reputation values.
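The "proper verification" that the scenario lacks amounts to two receiver-side checks: an integrity tag so the contents cannot be changed, and a freshness value so an old capture cannot be accepted again. The following is an added example, not code from the thesis or from any surveyed scheme; it assumes a link key shared between A and its neighbours (LINK_KEY, constructed) and a per-origin sequence counter carried in each update, neither of which the text specifies. A receiver with no checks takes the replayed $t_1$ update and reverts D's value; the checked receiver rejects both the verbatim replay and a modified copy.

```python
import hashlib
import hmac

# Constructed key shared by A and its neighbours for reputation updates
# (hypothetical; the text does not specify key management).
LINK_KEY = b"constructed-link-key"


def canonical(origin, seq, table):
    """Deterministic byte encoding of an update so sender and receiver MAC the same bytes."""
    entries = ",".join(f"{node}:{value:.3f}" for node, value in sorted(table.items()))
    return f"{origin}|{seq}|{entries}".encode()


def make_update(origin, seq, table):
    """Reputation update carrying a per-origin counter and a MAC over origin, counter and contents."""
    tag = hmac.new(LINK_KEY, canonical(origin, seq, table), hashlib.sha256).hexdigest()
    return {"origin": origin, "seq": seq, "table": dict(table), "tag": tag}


class Node:
    def __init__(self, name):
        self.name = name
        self.reputation = {}   # reputation values this node holds for other nodes
        self.last_seq = {}     # highest counter accepted from each origin

    def accept_unchecked(self, msg):
        """Receiver with no verification: applies whatever arrives."""
        self.reputation.update(msg["table"])
        return True

    def accept_checked(self, msg):
        """Receiver that requires a valid MAC and a strictly increasing counter per origin."""
        expected = hmac.new(LINK_KEY, canonical(msg["origin"], msg["seq"], msg["table"]),
                            hashlib.sha256).hexdigest()
        if not hmac.compare_digest(expected, msg["tag"]):
            return False   # contents altered in transit, or forged
        if msg["seq"] <= self.last_seq.get(msg["origin"], -1):
            return False   # replay of an update already seen from this origin
        self.last_seq[msg["origin"]] = msg["seq"]
        self.reputation.update(msg["table"])
        return True


def replay_scenario(checked):
    """A sends an update at t1 and a fresher one at t2; the adversary re-injects the
    t1 capture after t2 and also tries a modified copy of the t2 update."""
    c = Node("C")
    accept = c.accept_checked if checked else c.accept_unchecked
    at_t1 = make_update("A", 1, {"D": 0.9})   # constructed: D looked fine at t1
    at_t2 = make_update("A", 2, {"D": 0.3})   # constructed: A then observed D misbehaving
    accept(at_t1)
    accept(at_t2)
    replay_ok = accept(at_t1)                 # verbatim replay of the old capture
    tampered = dict(at_t2, table={"D": 0.9})  # contents changed, captured tag left as is
    tamper_ok = accept(tampered)
    return c.reputation["D"], replay_ok, tamper_ok


if __name__ == "__main__":
    print("no checks:", replay_scenario(checked=False))   # D back to 0.9, both accepted
    print("checked:  ", replay_scenario(checked=True))    # D stays 0.3, both rejected
```

The counter must be kept per origin and must survive the receiver's reboot (or be re-synchronised afterwards), otherwise a capture taken before the reset is fresh again; the same MAC check is what blocks the modified-replay form of the spoofed data attack discussed next, since a changed table no longer matches the captured tag.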
Figure 2.3: Replay Attack (panels: A. Reputation Update at $t_1$; B. Reputation Update at $t_2$; legend: Adversary, Compromised Sensor, Genuine Sensor)
Spoofed Data Attack (SD)
In this type of attack, an adversary alters intercepted data in order to inject false data into the network and affect the reputation values. This attack cannot be launched alone; the adversary needs to combine either a RE attack or a node compromise attack with a SD attack. In the former, the adversary first eavesdrops on the traffic, captures some reputation information in understandable format, performs some changes on the captured information, and then re-injects it into the network. In the latter, the adversary first needs to overtake a sensor node, and can then affect the reputation calculation by falsely claiming that its direct observation for node $N_i$ is $R_i'$ (instead of the correct $R_i$). $R_i'$ is then propagated to neighboring nodes, which are misled by the received indirect observation $R_i'$, and thus their calculations for the reputation value of $N_i$ are affected.
Figure 2.4 presents a simplified scenario of a SD attack once the adversary has succeeded in compromising node B. The adversary, in Figure 2.4-B, during the reputation update phase, claims that the reputation value for node A is $R_A'$, not $R_A$, and then sends it to neighboring nodes C and D. Therefore, nodes C and D will use $R_A'$ as an indirect observation for node A when they calculate the reputation value for node A.
Figure 2.4 (panels: A. Normal Scenario; B. Modified Scenario; legend: Adversary, Compromised Sensor, Genuine Sensor; caption not recovered)
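How far a single spoofed indirect observation $R_A'$ moves C's value for A depends on how C combines direct and indirect observations, which the text leaves open. The following is an added example, not code from the thesis or from any surveyed scheme, and the reputation model in it is an assumption: a fixed weight (DIRECT_WEIGHT) on the receiver's own direct observation plus the mean of the indirect ones, with constructed values for C's and D's observations and for B's spoofed report. It also goes one step beyond the text by showing a bounded variant that drops indirect observations disagreeing with the receiver's own direct observation by more than a threshold, which limits the effect of the node-compromise form of the attack.

```python
# Assumed reputation model (the text does not give one): a node's reputation value
# for a neighbour mixes its own direct observation with the indirect observations it
# receives, the direct observation carrying a fixed weight.
DIRECT_WEIGHT = 0.6


def combine(direct, indirect):
    """Plain combination: weighted direct observation plus the mean of the indirect ones."""
    if not indirect:
        return direct
    mean_indirect = sum(indirect.values()) / len(indirect)
    return DIRECT_WEIGHT * direct + (1 - DIRECT_WEIGHT) * mean_indirect


def combine_bounded(direct, indirect, max_deviation=0.2):
    """Hardened combination: drop indirect observations that disagree with the receiver's
    own direct observation by more than max_deviation, and return the reporters that were
    dropped so they can be treated as suspects rather than silently ignored."""
    kept = {reporter: value for reporter, value in indirect.items()
            if abs(value - direct) <= max_deviation}
    dropped = sorted(set(indirect) - set(kept))
    return combine(direct, kept), dropped


def spoofed_scenario():
    """Node C computing its reputation value for node A (constructed observation values)."""
    direct_c_for_a = 0.9                        # C has seen A behave well
    honest_reports = {"D": 0.85}                # D's indirect observation agrees
    spoofed_reports = {"D": 0.85, "B": 0.1}     # compromised B reports R'_A = 0.1, not R_A
    without_attack = combine(direct_c_for_a, honest_reports)
    under_attack = combine(direct_c_for_a, spoofed_reports)
    bounded, dropped = combine_bounded(direct_c_for_a, spoofed_reports)
    return without_attack, under_attack, bounded, dropped


if __name__ == "__main__":
    without_attack, under_attack, bounded, dropped = spoofed_scenario()
    print(f"C's value for A, honest reports only: {without_attack:.2f}")   # 0.88
    print(f"C's value for A, with B's spoofed R'_A: {under_attack:.2f}")   # 0.73
    print(f"C's value for A, bounded combination: {bounded:.2f}, dropped {dropped}")  # 0.88, ['B']
```

The bound only helps a receiver whose own direct observation of $N_i$ is sound; a node with no direct observation of the target, or one that is itself compromised, gains nothing from it, and an adversary that keeps $R_i'$ within the threshold still shifts the result by up to the threshold times the indirect weight.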
2.2.2 Adversary Classification
Current cryptographic-based secure data aggregation schemes are threatened by adversaries with different capabilities. The following criteria are used to classify adversaries:
The adversary can take over a sensor node. The adversary can then read and modify all the software code and configurations, including secret keys, installed in the sensor node. For example, once the adversary has succeeded in compromising a sensor node, the adversary can then alter any software installed in this node. In other words, adversaries can be passive or active. Passive adversaries take advantage of the broadcast nature of wireless communication and eavesdrop on the traffic to obtain any important information about the sensed data. Active adversaries interact with WSNs by injecting packets, destroying or compromising nodes, extracting sensitive data, stopping or delaying packets from being delivered to a querier, etc. They can launch any type of attack listed in Section 2.2.1.
The adversary has access to the whole network. As discussed in Section 1.3, there are three components in WSNs: sensor nodes, aggregators, and a base station, with different functionalities and capabilities. The adversary's ability to interact with these components is determined by its network access. Passive adversaries with total network access can listen to all communications between sensor nodes in the network, and active adversaries can interact maliciously with all components in WSNs (nodes, aggregators, base stations) by launching any attack listed in Section 2.2.1. However, this type of access is not common in most WSN applications. Moving from the total network access capability to partial network access, passive adversaries can listen to communications between a subset of nodes in the network, and active adversaries can interact only with a subset of nodes in the WSN.
According to the above two criteria, adversaries are divided into four distinct types as shown in Figure 2.5. Type I is the weakest adversary: capable of eavesdropping on communications in the parts of the network to which it has access, but not capable of interacting with the network. To the best of our knowledge, this type of adversary has never been considered in any secure data aggregation scheme. Type IV is the strongest. It refers to an active adversary that has total access to the network. This type of adversary is interested in affecting the data aggregation results by launching any attack listed in Section 2.2.1 against any network component (nodes, aggregators, base stations). We believe that this adversary classification can help to make a better evaluation of new schemes and facilitate deciding which scheme is more suitable for specific conditions, as discussed in Section 2.4.3. In the following section, current cryptographic-based secure data aggregation schemes are discussed.
Figure 2.5: Classification of adversaries
Figure 2.6: A sketch of single and multiple aggregator models (panels: A. Single Aggregator; B. Multiple Aggregator; legend: Base Station, Aggregator, Sensor)