SECURITY PROTOCOL FOR WIRELESS SENSOR NETWORK

(1)

Available Online at www.ijpret.com 1211

INTERNATIONAL JOURNAL OF PURE AND

APPLIED RESEARCH IN ENGINEERING AND

TECHNOLOGY

A PATH FOR HORIZING YOUR INNOVATIVE WORK

SECURITY PROTOCOL FOR WIRELESS SENSOR NETWORK

SHRUTI D. JAWANJAL

Prof Ram Meghe College of Engineering, Sant Gadge Baba University (SGBAU), Amravati, Maharashtra. Accepted Date: 05/03/2015; Published Date: 01/05/2015

Abstract:Wireless Sensor Network has importance in many applications. The very important

thing in WSN is its security. There are many research done on making the sensor network useful and efficient but on security there is less concentration. There are some applications which depends on WSN are geographical monitoring, medical diagnosis, miliatiary security and industrial monitoring. Here for security SPIN consist of two components SNEP and µTESLA. Where SNEP provides data confidentiality, two side data authentication and data freshness. µTESLA gives authenticated broadcast for related environment. This paper discuss security constraints and solution on different security threats.

Keywords: Wireless Sensor Network, Efficient, Geographical moniotoring, SPIN, SNEP,

µTESLA, Broadcast.

Corresponding Author: MS. SHRUTI D. JAWANJAL

Access Online On:

www.ijpret.com

How to Cite This Article:

Shruti D. Jawanjal, IJPRET, 2015; Volume 3 (9): 1211-1219

(2)

Available Online at www.ijpret.com 1212 INTRODUCTION

Wireless Sensor Network is one of the important technology in the networking. It consist of many number of nodes with some resource constraints each sensor node has wireless communication capacity and some intelligence for signal processing power and networking [3].All these nodes are working in the monitoring area in the scattered way to collect data, process and send it to central node for other processing. The Network throuput is limited. Conventional network with fixed infrastructure needs the security against injection or modification of disseminates data packets and eavesdropping. It requires the security including traffic analysis, node replication, denial of service (Dos)[5].The nodes has the 4MHz of processing power,4KB of RAM and short transmission distance of less than 100 feet, Tiny Os is present and available code space is 4500 bytes[6].It is very important to sure that all known attacks are defended and a security system for WSN[10].

2 DEFFINIG THE PROBLEM

A wireless sensor network has many resource constraints as compared to the traditional computer networks. Due to these resource constraints it is difficult to directly employ the existing security approaches to the area of wireless sensor networks. Therefore, to develop useful security mechanisms while borrowing the ideas from the current security techniques, it is necessary to know and understand these constraints first [19].

2.1 constraints in wsn

Resource constraints: Sensor nodes have limited resources, Including less computational capability, small memory, low Wireless communication bandwidth, and a limited, usually no rechargeable battery.

Small message size: Messages in sensor networks usually have a small size compared with the existing networks. As are sult, there is usually no concept of segmentation in most applications in WSN. Addressing Schemes: Due to relatively large number of sensor nodes, it is not possible to build global addressing schemes for deployment of a large number of sensor nodes as overhead of identity maintenance is high.

(3)

Available Online at www.ijpret.com 1213 2.2 security requirements

Security for wireless sensor networks should concentrate on the protection of the data itself and the network connections between the nodes [5]. In general, security requirements may change with application. In WSNs we can distinguish the following important requirements of security capabilities: authentication and authorization, availability, confidentiality, integrity and freshness.

Authorization. Data authorization specifies access rights to resources and is strongly related to access control. Access control should prevent unauthorized users from par-ticipating in network resources. Hence, only authorized users can access a given network. Access control relies on access policies that are formalized, like access control rules in a computer system. Most modern operating systems include access control.

Authentication: Message authentication implies a sender verification using cryptographic key. Authentication mechanisms are used to detect maliciously or spoofed packets. They are especially important in WSNs which use a shared wireless medium. In case of unicast transmission, an authentication can be guaranteed by symmetric key cryptography, using Message Authentication Code (MAC) in IEEE802.15.4. Broadcast authentication requires more complex solutions [9].

Availability: In secure network data should be safe and accessible at all times. Availability guarantees the survivability of network services against Denial-of-Service (DoS) attacks that can be launched at any layer of a wireless sensor network, and may disable a given device (network node) permanently. Moreover, DoS attack involved excessive computation and communication may exhaust battery charge of a sensor device.

Confidentiality: In WSN keeping sensitive data secret is the most important issue in case of critical applications in which highly sensitive data (secret keys, sensitive measurements, etc.) are collected and transmitted. Data confidentiality ensures that sensitive data is never disclosed to unauthorized users or entities. Hence, measurement data should not be available to neighboring nodes, and secure channels between nodes should be created. To protect a net-work against cyberattacks and malicious nodes, the routing information and sensor identities should remain confidential too. The standard approach to prevent end-to-end data confidentiality is to encrypt the data with a secret key.

(4)

preventing unauthorized insertion, modification or destruction of data. In WSNs a malicious node may change messages to perturb the network functionality. Moreover, due to unreliable communication channel sit is easy to inject infected packets or alerted data. In WSNs data integrity guarantees that a message being transferred is never corrupted, but providing data integrity is not enough for wireless communication. The compromised sensor nodes can listen to transmitted messages and replay attacks. Data freshness protects data against replay attacks by ensuring that the transmitted data is recent one [5].

3. ATTACKS ON WSN ANDTHEIR MITIGATION

3.1 Denial of service

This type of attack results into making unavailable the resources to their intended users. As an example node A sends request to node B for communication and node B sends acknowledge to node A but A keeps on sending request to B continuously. As a result B is not able to communicate with any other nodes and thus becomes unavailable to all of them. Denial of service attack may also occur at physical layer by jamming (by broadcasting mechanism) and/or tampering (modification or fabrication) of the packet. In Link Layer it is by producing collision data, exhaustion of resources and unfairness in use of networks. In network layer, it occurs by way of neglecting and the greediness of packets resulting into path failure. In transport layer, DOS attack occurs due to flooding and desynchronization.

3.2 Attack of information in transit

In case of wireless sensor networks usually each node reports changes to a cluster head or base station only for data above some threshold. Information in transit may be altered, spoofed,

Replayed again or vanished. In this type of attack attacker has high processing power and large communication range. This type of attack may be prevented by data aggregation and authentication techniques.

3.3 Sybil attack

(5)

Available Online at www.ijpret.com 1215 Fig 1: Sybil Attack

3.4 Black hole/ Sinkhole Attack

In this type of attack, attacker places himself in a network with high capability resources (high processing power and high band width) by which it always creates shortest path. As a result, all data passes through attacker’s node.

Fig 2: Conceptual view of Black hole Attack

I. 3.5 ‘Hello flood’ Attack

This is one of the simplest attacks in wireless sensor networks in which attacker broadcasts HELLO packets with high transmission power to sender or receiver. The nodes receiving the messages assume that the sender node is nearest to them and sends packets by this node. By this attack congestion occurs in the network. This is a specific type of DOS. Blocking techniques used to prevent Hello Flood attacks.

II. 3.6 Wormhole Attack

(6)

wants to send data by way of broadcasting before sending the data to find path. However the attacker introduces himself as a node X and sends acknowledgement to Y and Y sends data to X that is received by and sends that data to X by tunneling, hiding its own identity. In this case X and Y are not in a single hop but they think they are in a one hop range. The attacker thus may destroy security by interruption, interception, modification and fabrication.

Fig 3: Wormhole Attack

4. SECURITY SOLUTIONS IN SENSOR NETWORKS

Security suites already exist that are at least some way appropriate for use in WSNs, and combat some of the threats to these networks. This section review some of the more popular and more suitable solutions here.

4.1 SPINS: Security Protocols for Sensor Networks

Adrian Perrig et al.[5] proposed “SPINS” a suite of security protocols optimized for sensor networks. SPINS has two secure building blocks: SNEP and μTESLA. SNEP includes: data confidentiality, two-party data authentication, and evidence of data freshness. μTESLA provides authenticated broadcast for severely resource-constrained environments.

4.1.2 SNEP: Sensor Network Encryption Protocol SNEP provides a number of following advantages.

1. It has low communication overhead as it only adds 8 bytes per message.

2. Like many cryptographic protocols it uses a counter, but avoids transmitting the counter value by keeping state at both end points.

(7)

4. Finally, SNEP protocol offers data authentication, replay protection, and weak message freshness. However, sending data over the RF channel requires more energy.

• Semantic security: Since the counter value is incremented after each message, the same message is encrypted differently each time. The counter value is long enough that it never repeats within the lifetime of the node.

• Data authentication: If the MAC verifies correctly, the receiver can be assured that the message originated from the claimed sender.

• Replay protection: The counter value in the MAC prevents replaying old messages. Note that if the counter were not present in the MAC, an adversary could easily replay messages.

• Weak freshness: If the message verified correctly, the receiver knows that the message must have been sent after the previous message it received correctly (that had a lower counter value). This enforces a message ordering and yields weak freshness.

• Low communication overhead: The counter state is kept at each end point and does not need to be sent in each message.

III. 4.1.2μTesla: Authenticated Broadcast

(8)

, and TinySec-AE, for authenticated and encrypted messages. For the TinySec-AE packet, a payload of up to 29 Bytes is specified, with a packet header of 8 Bytes in length. Encryption of the payload is all that is necessary, but the MAC is computed over the payload and the header. The Tiny Sec- Auth packet can carry up to 29Bytes of payload. The MAC is computed over the payload and the packet header, which is 4 Bytes long. Generally, the security of CBC-MAC is directly related to the length of the MAC. TinySec specifies a MAC of 4 Bytes, much less than the conventional 8 or 16 Bytes of previous secuty protocols. In the context of sensor networks, Karlof et al. argue that this is not detrimental. Should an adversary repeatedly attempt blind forgeries.

IV. 5. CONCLUSION AND FUTURE WORK

Each of the authentication mechanisms are to be examined in a simulated environment and evaluated under the headings speed of operation, power consumption, efficiency and security level offered. The details for these mechanisms are available in section 3 and in addition a comparison table is given in the Table 4.1 of this paper. This is to further evaluate the effectiveness of these protocols and define their more desirable characteristics. There is currently no one solution that can be plugged-in to an application to provide all the necessary. The future goal of this research is to develop a new authentication protocol, by combining the most desirable traits of what currently exists and implementing some new ideas, which is optimal for implementation in wireless sensor network application security primitives

6 REFERENCES

1. Jan Steffan, Ludger Fiege, Mariano Cilia Alejandro Buchman,” Scoping in Wireless Sensor Networks”, 2nd workshop on middleware for pervasive and Ad-Hoc Computing Toronto, Canada, 2004 ACM 1-58113-951-9.

2. Chris karlof, Naveen Sastry, David Wanger,“TinySec: A Link Layer Security Architecture for Wireless Sensor Networks”, Proceedings of the 2nd international conference on Embedded networked sensor systems, November 3-5, 2004, pages 162-172,Baltimore, Maryland, USA. ISBN: 1-58113-879-2.

3. Gunnar Gaubat, Jens-Peter Kaps, BerkSunar, “Public Key Cryptography in Sensor networks- Revisited”, Book Series Lecture Notes in Computer Science Pages 2-18, 11january 2005.

(9)

5. Cauligi S. Raghavendra,”PEGASIS: Power-Efficient Gathering in Sensor Information System”, 2002 IEEE Aerospace Conference Proceedings - Volume 3, Big Sky, MT; UNITED STATES; 9-16 Mar. 2002. pp. 3-1125 to 3-1130. 2002 2002.

6. Siva D. Muruganathan, Daniel C.F. MA, Rolly I. Bhasin, Abraham O. Fapojuwo,”A Centralized Energy- Efficient Routing

Protocol for Wireless Sensor Networks”, IEEE Communications Magazine. Vol. 43, no. 3, pp. S8-13. Mar. 2005.

7. P. Bose, P. Morin, I. Stojmenovi´c; and J. Urrutia. Routing with guaranteed delivery in ad hoc wireless networks. Wirel. Netw., 7(6):609–616, 2001.

8. D. Braginsky and D. Estrin. Rumor routing algorthim for sensor networks. In WSNA ’02: Proceedings of the 1st ACM international workshop on Wireless sensor networks and applications, pages 22–31, New York, NY, USA, 2002.ACM Press.

9. P. Brutch and C. Ko. Challenges in intrusion detection for wireless ad-hoc networks. In 2003 Symposium on Applications and the Internet Workshops (SAINT’03 Workshops), 2003.