Security allows wireless sensor networks (WSNs) to be used with confidence. Without security, the use of WSN in any application domain would result in undesirable consequences.
The basic idea of a WSN is to disperse tiny sensing devices that are capable of sensing some changes of incidents/parameters and communicating with other devices, over a specific geographic area for some specific purposes like target tracking, surveillance and environmental monitoring.
Basically, the major challenge for employing any efficient security scheme in wireless sensor networks is created by the size of sensors, followed by the processing power, memory and type of tasks expected from the sensors.
Challenges in providing security to a WSN
First, there is a conflicting interest between minimisation of resource consumption and maximisation of security level. During the design of any security solution, one needs to take care of limited energy, limited memory, limited computing power, limited communication bandwidth and limited communication range.
Second, the type of security mechanism that can be hosted on a sensor node platform is dependent on the capabilities and constraints of sensor node hardware.
Third, the ad-hoc networking topology of WSN facilitates attackers for different types of link attacks ranging from passive eavesdropping to active interference. Attacks on a WSN can come from all directions and target any node leading to leakage of secret information, interfering message, impersonating nodes, etc.
Fourth, the communication in WSN is through wireless media, mainly radio. This characteristic of WSN makes wire-based security scheme impractical for a WSN.
Fifth, the topology of WSN is al-ways dynamic. The sensor nodes can come and go in an arbitrary fashion. Node failures may be permanent or intermittent, and this gives a higher level of system dynamics. Besides, very often large numbers of nodes are expected in sensor network deployments and the nature of this deployment is unpredictable.
Finally, the overall cost of the WSN should be as low as possible.
Basic security schemes in WSNs
Security is a broadly used term encompassing the characteristics of authentication, integrity, privacy, non-repudiation and anti-playback. Every eligible receiver should receive all messages intended for it and be able to verify the integrity of every message as well as the identity of the sender. Adversaries should not be able to infer the contents of any message.
In conventional computer networks, the primary security goal is reliable delivery of messages (protection against denial-of-service (DoS) attack). Message authenticity, integrity and confidentiality are usually achieved by an end-to-end security mechanism such as secure socket layer. This is because the dominating traffic pattern is end-to-end communication, where it is neither necessary nor desirable for the contents of the message (beyond the necessary headers) to be available to the intermediate routers. The more the dependency on the information provided by the networks, the higher the risk to secure transmission of information over the networks. For secure transmission of various types of information over networks, several cryptographic, steganographic and other techniques are needed.
Since sensor nodes use wireless communications, eavesdropping, injection, replay and other attacks can be placed on the network. The adversary is able to deploy malicious nodes in the network or compromise some legitimate nodes.
Cryptography. The encryption-decryption techniques devised for the traditional wired networks are not feasible to be applied directly to wireless networks, in particular wireless sensor networks. The tiny sensors of WSNs suffer from the lack of processing, memory and battery power. Applying any encryption scheme requires transmission of extra bits, hence extra processing, memory and battery power, which are very important resources for the sensors’ longevity. Applying the security mechanisms such as encryption could also increase delay, jitter and packet loss in wireless sensor networks.
Steganography. While cryptography aims at hiding the content of a message, steganography hides the existence of the message. Steganography is the art of covert communication by embedding a message into the multimedia data (image, sound, video, etc). Its main objective is to modify the carrier in a way that is not perceptible and hence it looks just like ordinary. It is very useful when you want to send a secret data without sender information or you want to distribute secret data publicly.
Attacks in wireless sensor networks
A large-scale sensor network consists of thousands of sensor nodes and may be dispersed over a wide area. Typically, sensor nodes are susceptible to many kinds of attacks:
Passive information gathering. An adversary with powerful resources can collect information from the sensor networks if it is not encrypted.
Node subversion. Capture of a node may reveal its information including cryptographic keys and thus compromise the whole sensor network.
False node. Addition of a node by an adversary to inject malicious data, whereby the false node is computationally robust enough to lure other nodes to send data to it.
Node malfunction. A malfunctioning node generates inaccurate data which could jeopardise the integrity of the sensor network, especially if it is a data aggregating node such as a cluster leader.
Node outage. A node stops its function. In case a cluster leader stops functioning, the sensor network protocols should be robust enough to mitigate the effects of node outages by providing an alternative route.