
Power Plane: 2.6.2 Attacks On WSN

This document discusses security threats in wireless sensor networks. It describes several types of attacks including passive attacks like eavesdropping, and active attacks like man-in-the-middle attacks. Specific threats covered include threats to privacy from reconnaissance and eavesdropping, threats to control such as injection and replay attacks, and threats to availability like denial of service attacks. Wireless sensor networks are vulnerable to these attacks due to the open wireless medium and difficulty of securing large numbers of sensor nodes.

Uploaded by

Ponraj Park

CP5291 Security Practices UNIT II

• It is also responsible for interacting periodically with the mobility planes of other neighboring nodes, so that it can create and maintain a table of active, power-efficient routes.

Power Plane
• The power plane focuses on the awareness of power at each horizontal and vertical layer.
• The power planes of each node work collectively on deciding efficient routes to sink nodes and maintain the sleep/awake cycles of sensor nodes.

Task Management Plane


• The task management plane is responsible for achieving a common goal.
• The goal is met by taking the properties of each layer and across each layer in a power-aware manner.

2.6.2 Attacks on WSN


The taxonomy of attacks on WSN (Figure 2.13) provides a classification system that ideally suggests ways to mitigate attacks by prevention, detection, and recovery. In general, attacks can be divided into active and passive attacks:
Passive Attack
In this type of attack, the attacker is able to intercept and monitor data between communicating nodes,
but does not tamper or modify packets for fear of raising suspicion of malicious activity among the
nodes.
For example, in traffic analysis, the attacker may not be able to decode encrypted data, but can find
useful information by analyzing headers of packets, their sizes, and the frequency of transmission.
Active Attack
In this type of attack, the attacker actively participates in all forms of communication (control and data)
and may modify, delete, reorder, and replay messages or even send spoofed illicit messages to nodes in
the network.

56 B.ShanmugaSundari, AP/CSE, PETEC csenotescorner.blogspot.com



Figure 2.13 Taxonomy of attacks for WSN


1. Threats To Privacy
In WSN, threats to privacy can be further classified into reconnaissance and eavesdropping.
Reconnaissance
Reconnaissance refers to intelligence gathering or probing to assess the vulnerabilities in a network in order to launch a full-scale attack later. Reconnaissance attacks can be further classified into active and passive.
• Passive reconnaissance attacks include the collection of network information through indirect or direct methods, but without probing the target.
• Active reconnaissance attacks involve the process of gathering traffic with the intention of eliciting responses from the target.

Eavesdropping


Eavesdropping is the act of listening secretly to a private conversation. Eavesdropping is an operation to learn the "aggregate data" that is being collected by the entire network. It can be further classified into active and passive eavesdropping:
Active eavesdropping – The adversary actively sends queries to other nodes in an attempt to goad them to respond to his queries, and in exchange will be able to comprehend the precise task assigned to the nodes in the network. Usually, the attacker launches a "man-in-the-middle attack" to infiltrate the network and enforce himself on the active path.
Passive eavesdropping – The attacker inserts him- or herself into the active path, unbeknownst to other
nodes in the network.

2. Threats to Control
The nodes in the network are unaware that the entire flow control is being handled by the attacker.
Man-in-the-Middle Attack
• In this type of attack, the attacker intrudes into the network and attempts to establish an independent connection between a set of nodes and the sink node.
• In a passive state, he simply relays every message among the nodes with the intention of performing an eavesdropping attack.
• In an active state, he can tamper with the intercepted data in an effort to break authentication.

Radio Interference
• With the increase in the number of wireless technologies using the same open spectrum band (2.4 GHz, 5 GHz, or 900 MHz), there is bound to be radio interference.
• For example, in a dense urban environment, where cordless phones share the same spectrum, radio interference can cause a sharp degradation of individual node performance.

Injection Attack
• After the attacker has clandestinely intruded into the WSN network, he may impersonate a few of the sensor nodes (or even sink nodes) and may inject malicious data into the network.
• The malicious data might be false advertisement of neighbor-node information to other nodes, leading to impersonation of sink nodes and aggregation of all data.

Replay Attack


A replay attack is a common attack in WSN, whereby an attacker is able to intercept user data and
retransmit user data at a later time. This attack is also useful during shared key-distribution processes.
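
A receiver-side defence against the replay described above, as an added example that is not part of the original notes: each frame carries a per-node counter covered by a message authentication code, and the sink drops any frame whose counter is not newer than the last one accepted. The frame layout, the 8-byte truncated tag and the class name `SinkReceiver` are assumptions made for the illustration.

```python
import hashlib
import hmac
import struct

TAG_LEN = 8     # truncated HMAC tag; length chosen for the example only
HEADER_LEN = 6  # 2-byte node id + 4-byte counter (assumed frame layout)

def make_frame(key, node_id, counter, payload):
    """Sensor side: header || payload || MAC(header || payload)."""
    header = struct.pack(">HI", node_id, counter)
    tag = hmac.new(key, header + payload, hashlib.sha256).digest()[:TAG_LEN]
    return header + payload + tag

class SinkReceiver:
    """Sink side: verifies the tag, then enforces a strictly increasing counter."""

    def __init__(self, keys):
        self.keys = keys          # node id -> preshared key
        self.last_counter = {}    # node id -> highest counter accepted so far

    def accept(self, frame):
        if len(frame) < HEADER_LEN + TAG_LEN:
            return "malformed"
        header = frame[:HEADER_LEN]
        payload = frame[HEADER_LEN:-TAG_LEN]
        tag = frame[-TAG_LEN:]
        node_id, counter = struct.unpack(">HI", header)
        key = self.keys.get(node_id)
        if key is None:
            return "unknown-node"
        expected = hmac.new(key, header + payload, hashlib.sha256).digest()[:TAG_LEN]
        # Check the tag first so a forged counter cannot advance the window.
        if not hmac.compare_digest(tag, expected):
            return "bad-tag"
        if counter <= self.last_counter.get(node_id, -1):
            return "replay"
        self.last_counter[node_id] = counter
        return "accepted"

if __name__ == "__main__":
    key = b"constructed-key!"          # constructed sample key
    sink = SinkReceiver({7: key})
    frame = make_frame(key, 7, 0, b"temp=21")
    print(sink.accept(frame))          # first delivery
    print(sink.accept(frame))          # identical frame captured and resent
```

Because the counter is inside the authenticated data, a captured frame cannot be given a fresh counter without the key.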

Byzantine Attack
In a Byzantine attack, the outside adversary is able to take full control of a subset of authenticated
nodes that can be further used to attack the network from inside. Such attacks by malicious behavior are
known as Byzantine attacks. Examples include:
Black-hole attack – In this type of attack, the attacker drops packets selectively, or all control and data
packets that are routed through him.
Flood rushing attack – This type of attack is common to wireless networks and exploits the flood
duplicate suppression technique. In this attack, the attacker attempts to overthrow the existing routing
path by sending a flood of packets through an alternate route, which will result in discarding the
legitimate route and adopting the adversarial route.
Wormhole attack – In this type of attack, two conniving sensor nodes, or laptops, tunnel control and
data packets between each other, with the intention of creating a shortcut in the WSN. This type of
attack is very closely related to the sinkhole attack, because one of the conniving nodes could falsely
advertise to be the sink node and thereby attract more traffic than usual.
One of the main differences between a Byzantine wormhole and a traditional wormhole is that in a
Byzantine wormhole, the tunnel exists between two compromised nodes, while in a traditional
wormhole, two legitimate nodes are tricked into believing that a secure tunnel exists between them.
Byzantine overlay network wormhole attack – This type of attack is a variant of the wormhole attack
and occurs when the wormhole attack is extended to multiple sensor nodes; resulting in an overlay of
compromised nodes.

Sybil Attack

Sybil is an impersonation attack in which a malicious node masquerades as a set of nodes by claiming
false identities, or generating new identities in the worst case. Such attacks can be easily executed in a
WSN environment because the nodes are invariably deployed in an unstructured and distributed
environment, and communicate via radio transmission.

Sinkhole Attack


In a sinkhole attack, the adversary impersonates a sink node and attracts all of the traffic to a node or a set of nodes.

3. Threats to Availability
Due to threats to the WSN, some portion of the network or some of the functionalities or services
provided by the network could be damaged and unavailable to the participants of the network.
Denial of Service (DoS) or DDoS – A denial-of-service attack occurs when an attacker floods the victim with bogus or spoofed packets with the intent of lowering the victim's response rate. In the worst-case scenario, it makes the victim totally unresponsive.
An extension of a DoS attack is a distributed DoS attack, where an attacker takes control of a few nodes
in the network, leading to a distributed flood attack against the victim.
HELLO Flood Attack - One of the common techniques for discovering neighbors is to send HELLO
packets. If a node receives a HELLO packet, it indicates that it is within the range of communication.
However, a laptop-class adversary could easily send HELLO packets with sufficient power to convince
the sensor nodes that it is in proximity of communication and may be a potential neighbor. The
adversary could also impersonate a sink node or a cluster node.
Jamming – Jamming is one of the most lethal types of attacks in WSN and is a direct way to
compromise the entire wireless network. In this type of attack, the attacker jams a spectrum band with a
powerful transmitter and prevents any member of the network in the affected area from transmitting or
receiving any packet. Jamming attacks can be divided into constant jamming and sporadic jamming.
Sporadic jamming can be very effective at times when a change in one bit of a data frame will force the
receiver to drop it.
Collision – Collision attacks target the MAC layer to create costly exponential backoff. Whenever
collision occurs, the nodes should retransmit packets affected by collision, thus leading to multiple
retransmissions.
Node Compromise – Node compromise is one of the most common and detrimental attacks in WSN.
As sensors can be deployed in harsh environments such as a battlefield, ocean bed, or the edge of an
active volcano, they are easily susceptible to capture by a foreign agent.

Attacks Specific to WSN


Wireless sensor networks are vulnerable to eavesdropping problems as the data transmission highly depends on the assumption that the receiving node faithfully receives and forwards the same transmitted packet containing specified parameters. But during peer-to-peer communication the parameters may be spoofed, replaced, altered, repeated, or even diminished by the single frequency or intentional intruders.

Attacks on Beaconing Protocol


A beaconing protocol uses a breadth-first spanning tree algorithm to broadcast routing updates.
The sink node periodically broadcasts updated routing information to its immediate neighboring nodes.
These neighboring nodes then rebroadcast this information to their immediate neighbors, and the
process continues recursively.
During this process, each intermediate node makes a note of its parent node. When all the active
nodes are operational, they should send all the sensed data to their parent node. However, this protocol
is vulnerable to many attacks. For example, a simple impersonation attack, leading to a sinkhole attack,
can totally compromise the entire network.

Attacks on Geographic- and Energy-Aware Routing (GEAR)


GEAR proposes a location- and energy-aware, recursive routing algorithm to address the
problem of uneven energy consumption in routing in WSN. In GEAR, every node gauges the energy
levels of its neighbors along with the distance from the target before making a routing decision.
In such situations, a laptop-class attacker can advertise that he has larger energy levels than his
neighboring node and attract all traffic to him. Thenceforth, he can execute a Sybil, black-hole, or
selective forwarding attack.
In general, any security suite should ensure authentication, integrity, confidentiality,
availability, access control, and nonrepudiation.

2.6.3 Security in WSN using a Layered approach


1. Security Measures in the Physical Layer
To prevent radio interference or jamming, the two common techniques used are
• Frequency-hopping spread spectrum (FHSS) and
• Direct-sequence spread spectrum (DSSS)


In FHSS, the signal is modulated at frequencies such that it hops from one frequency to another
in a random fashion at a fixed time interval. The transmitter and the corresponding receiver hop
between frequencies using the same pseudorandom code for modulation and demodulation.
In DSSS, a spreading code is used to map each data bit in the original signal to multiple bits in
the transmitted signal. The pseudorandom code (spreading code) spreads the input data across a wider
frequency range compared to the input frequency. In the frequency domain, the output signals appear as
noise. Since the pseudorandom code provides a wide bandwidth to the input data, it allows the signal
power to drop down below the noise threshold without losing any information.
The above-mentioned schemes can provide security only as long as the hopping pattern or the
spreading code is not disclosed to any adversary.
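
The FHSS point above, as an added example that is not part of the original notes: transmitter and receiver derive the same hop sequence from a shared secret, and the protection holds only while that secret stays private. The 16-channel plan, the HMAC-based derivation and the key values are assumptions for the illustration, not a description of any particular radio standard.

```python
import hashlib
import hmac

NUM_CHANNELS = 16                      # assumed channel plan for the example
HOP_KEY = b"constructed-hop-key"       # constructed shared secret
OTHER_KEY = b"some-unrelated-key"      # a party that does not know HOP_KEY

def hop_channel(hop_key, slot):
    """Channel used in a given time slot, derived from the shared hopping key."""
    digest = hmac.new(hop_key, slot.to_bytes(8, "big"), hashlib.sha256).digest()
    return int.from_bytes(digest[:4], "big") % NUM_CHANNELS

def hop_sequence(hop_key, first_slot, count):
    return [hop_channel(hop_key, s) for s in range(first_slot, first_slot + count)]

def overlap(seq_a, seq_b):
    """Fraction of slots in which two parties sit on the same channel."""
    same = sum(1 for a, b in zip(seq_a, seq_b) if a == b)
    return same / len(seq_a)

def slots_hit(sequence, interfered_channel):
    """Fraction of slots that land on one channel with narrowband interference."""
    return sum(1 for ch in sequence if ch == interfered_channel) / len(sequence)

if __name__ == "__main__":
    tx = hop_sequence(HOP_KEY, 0, 1000)
    rx = hop_sequence(HOP_KEY, 0, 1000)
    print("tx/rx overlap:", overlap(tx, rx))
    print("overlap without the key:", overlap(tx, hop_sequence(OTHER_KEY, 0, 1000)))
    print("slots lost to interference on channel 5:", slots_hit(tx, 5))
```

A party holding the hopping key overlaps with the transmitter in every slot, which is why disclosure of the pattern removes the protection entirely.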

2. Security Measures in the Data Link Layer


Link-layer security plays an important role in providing hop-by-hop security. Its protocols are
useful in handling fair channel access, neighbor-node discovery, and frame error control.
Legacy security protocols such as Secure Sockets Layer (SSL) or Internet Protocol Security (IPSec) cannot be applied directly to WSN because they do not provide data aggregation or allow in-network processing, which are prime requirements in designing security protocols.
Early security approaches focused on symmetric keying techniques, and authentication was achieved using Message Authentication Code (MAC). One of the common MAC schemes is a cipher-block chaining message authentication code. However, this scheme is not secure for variable length input messages. Hence the end user (sensor nodes) has to pad the input messages to be equal to a multiple of the cipher's block length.
To overcome this issue, other block cipher modes such as CTR and OCB have been proposed.
With reference to confidentiality, symmetric encryption schemes used to protect WSN are DES, AES, RC5, and Skipjack (block ciphers) and RC4 (a stream cipher). Usually, block ciphers are preferred to stream ciphers because they allow authentication and encryption.

2.6.4 Security Measures for WSN


1. Authentication
Three scenarios exist in WSN that require authenticated communication:
• Sink node to sensor nodes and vice versa
• Sensor node with other sensor nodes
• Outside user and sensor nodes

2. Key Management in WSN


Key distribution provides communication secrecy (confidentiality) and authentication among
sensor nodes, and key revocation refers to the task of removing compromised keys from the network.
Key distribution can be further divided into symmetric and asymmetric key-distribution
protocols.
Key-distribution schemes in WSN can be broadly classified into four classes:
• symmetric key algorithms,
• trusted server mechanisms,
• random key predistribution schemes, and
• public key algorithms.

Symmetric Key Algorithms


In this class, a single shared key is used to perform the encryption and decryption operations in
a communication network. Every node in the network shares a unique, preshared, symmetric key with
every other node in the network. The keys are preloaded into the sensor nodes before deployment.
Hence, in a network of n nodes, there would be a total of n(n-1)/2 unique keys. Subsequently, every
node stores n-1 keys, one for each of the other nodes in the network.
However, the applicability of this approach in large sensor networks is not pragmatic, as each
node would need to store n-1 keys, thus resulting in the rapid exhaustion of its limited memory space.
Although symmetric key algorithms are limited in terms of key distribution, they provide basic
cryptographic primitives, which can be used in combination with asymmetric key cryptographic
algorithms.

Trusted Server Mechanisms


In this category, key distribution is done via centralized trusted servers, which are usually static
in nature. In WSN, the sink node or the base station can act as a key distribution center (KDC).
Usually, unique symmetric keys are shared between the sink node and the ordinary nodes. If two nodes
were to communicate with each other, they would first authenticate with the base station after which the
base station generates a link key and sends it securely to both parties.


Random Key-Predistribution Schemes


In this method, keys are predistributed by preloading random keying material on sensor nodes
with the intention of establishing a common secret key between the communicating entities. As keys
are preloaded in a random manner, a certain set of nodes may not share a common key with each other.
In such cases, nodes could make use of their immediate neighbors who share keys as bridges between
the nodes that do not share a common key.
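
The predistribution and bridging steps described above, as an added example that is not part of the original notes: each node is preloaded with a random subset of key identifiers from a pool, two nodes can secure a link only if their subsets intersect, and a pair with no common key is connected through neighbors that do share keys. The function names, pool and ring sizes, and the small constructed topology are assumptions for the illustration.

```python
import random
from collections import deque

def preload_rings(node_ids, pool_size, ring_size, seed):
    """Give every node a random ring of key ids drawn from a common pool."""
    rng = random.Random(seed)          # seeded only so the example is repeatable
    return {n: set(rng.sample(range(pool_size), ring_size)) for n in node_ids}

def shared_keys(rings, a, b):
    """Shared-key discovery: nodes compare key ids, never the keys themselves."""
    return rings[a] & rings[b]

def secure_path(rings, radio_neighbors, src, dst):
    """Breadth-first search over radio links whose two ends share a key id."""
    parent = {src: None}
    queue = deque([src])
    while queue:
        node = queue.popleft()
        if node == dst:
            path = []
            while node is not None:
                path.append(node)
                node = parent[node]
            return path[::-1]
        for nxt in sorted(radio_neighbors.get(node, ())):
            if nxt not in parent and shared_keys(rings, node, nxt):
                parent[nxt] = node
                queue.append(nxt)
    return None                        # no chain of key-sharing neighbors exists

# Constructed sample: A and B are in radio range but hold disjoint rings,
# C shares one key id with each of them, D shares nothing with anyone.
RINGS = {"A": {1, 2}, "B": {3, 4}, "C": {2, 3}, "D": {9}}
NEIGHBORS = {"A": {"B", "C", "D"}, "B": {"A", "C"}, "C": {"A", "B"}, "D": {"A"}}

if __name__ == "__main__":
    print(shared_keys(RINGS, "A", "B"))               # empty: no direct link key
    print(secure_path(RINGS, NEIGHBORS, "A", "B"))    # bridged through C
    print(secure_path(RINGS, NEIGHBORS, "A", "D"))    # D cannot be reached
    rings = preload_rings(range(20), pool_size=100, ring_size=10, seed=1)
    print(len(shared_keys(rings, 0, 1)), "key ids shared by nodes 0 and 1")
```

The bridging node sees whatever it relays, so a path key established this way is only as trustworthy as the intermediate neighbors.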

Public Key Algorithms


The main motive of this protocol is to facilitate secure communication between external users and the sensor networks. The external user's identity is established by a CA, where his or her public key is signed by the CA's private key. In this model, resource-abundant devices bear the burden of RSA private key operations, and, hence, the sensor nodes maintain higher energy levels during operations.

2.6.5 Routing Classifications in WSN


Routing protocols in WSN can be classified based on:
1. data centricity,
2. location information,
3. network layering and in-network processing,
4. path redundancy,
5. Quality of Service (QoS) requirement, and
6. network heterogeneity.

1. Datacentric Communication
IP networks use a node-centric routing model in which information is exchanged using a unique addressing scheme. A datacentric model is more focused on the aggregated data rather than on identifying the exact node's identifiers.
The sink node or cluster head initiates a request for interested data and the responsible nodes
respond with the requested data; they vary in the manner in which the nodes send data back to the sink
node or cluster heads. The intermediate routing nodes inspect the data that is being sent to the sink node
and perform some form of consolidation operation, such that the sink node receives aggregated data
from different sources.
